Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:01-06-2016 Uruchomiony przez Magdalena (2016-06-03 12:00:06) Run:2 Uruchomiony z C:\Users\Magdalena\Downloads ZaÅ‚adowane profile: Magdalena (DostÄ™pne profile: Magdalena) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: Task: {48126E61-31C0-41AF-99F4-E5D2ED08B8B0} - System32\Tasks\IBUpd2 => C:\Users\Magdalena\AppData\Local\BrowserAir\47.0.0.5\updater.exe <==== UWAGA Task: {E951E85F-BD45-4C68-9822-9C4C16DAFED4} - System32\Tasks\IBUpd => C:\Users\Magdalena\AppData\Local\BrowserAir\47.0.0.5\updater.exe <==== UWAGA Task: {FBD2E659-CF07-4EE3-ABF4-0B964EC28177} - System32\Tasks\SMW_P => C:\ProgramData\smp2.exe [2016-06-03] () <==== UWAGA HKLM\...\RunOnce: [WEPRODUCT21BB3] => C:\Users\Magdalena\AppData\Local\Temp\I5XM880YVG.exe [175616 2016-06-02] () <===== UWAGA HKU\S-1-5-21-3207241678-2084453937-2149904728-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Magdalena\AppData\Local\Akamai\netsession_win.exe" SearchScopes: HKU\S-1-5-21-3207241678-2084453937-2149904728-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www-searching.com/search.aspx?s=g62zamobl2140bq,b2d06a37-9aac-4599-ada9-42322c59585b,&site=shyosie&prd=setgo&q={searchTerms} SearchScopes: HKU\S-1-5-21-3207241678-2084453937-2149904728-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www-searching.com/search.aspx?s=g62zamobl2140bq,b2d06a37-9aac-4599-ada9-42322c59585b,&site=shyosie&prd=setgo&q={searchTerms} ShortcutWithArgument: C:\Users\Magdalena\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www-searching.com/?prd=set_epc&s=g62zamobl2140bq,b2d06a37-9aac-4599-ada9-42322c59585b, ShortcutWithArgument: C:\Users\Magdalena\Desktop\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=g62zamobl2140bq,b2d06a37-9aac-4599-ada9-42322c59585b, ShortcutWithArgument: C:\Users\Magdalena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=g62zamobl2140bq,b2d06a37-9aac-4599-ada9-42322c59585b, ShortcutWithArgument: C:\Users\Magdalena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www-searching.com/?prd=set_epc&s=g62zamobl2140bq,b2d06a37-9aac-4599-ada9-42322c59585b, ShortcutWithArgument: C:\Users\Magdalena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www-searching.com/?prd=set_epc&s=g62zamobl2140bq,b2d06a37-9aac-4599-ada9-42322c59585b, ShortcutWithArgument: C:\Users\Magdalena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=g62zamobl2140bq,b2d06a37-9aac-4599-ada9-42322c59585b, ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www-searching.com/?prd=set_epc&s=g62zamobl2140bq,b2d06a37-9aac-4599-ada9-42322c59585b, C:\ProgramData\smp2.exe C:\Program Files (x86)\DriverToolkit C:\Users\Magdalena\AppData\Local\BrowserAir C:\Users\Magdalena\AppData\Roaming\OwiffMuste C:\Windows\system32\bi3.exe C:\Windows\SysWOW64\kz.exe CMD: netsh advfirewall reset CMD: dir /a "C:\Users\Magdalena\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2" EmptyTemp: ***************** Procesy zostaÅ‚y pomyÅ›lnie zamkniÄ™te. Punkt przywracania zostaÅ‚ pomyÅ›lnie utworzony. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{48126E61-31C0-41AF-99F4-E5D2ED08B8B0}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48126E61-31C0-41AF-99F4-E5D2ED08B8B0}" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\System32\Tasks\IBUpd2 => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IBUpd2" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E951E85F-BD45-4C68-9822-9C4C16DAFED4}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E951E85F-BD45-4C68-9822-9C4C16DAFED4}" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\System32\Tasks\IBUpd => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IBUpd" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FBD2E659-CF07-4EE3-ABF4-0B964EC28177}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBD2E659-CF07-4EE3-ABF4-0B964EC28177}" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\System32\Tasks\SMW_P => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_P" => klucz pomyÅ›lnie usuniÄ™to HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WEPRODUCT21BB3 => Wartość nie znaleziono. HKU\S-1-5-21-3207241678-2084453937-2149904728-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => Wartość pomyÅ›lnie usuniÄ™to HKU\S-1-5-21-3207241678-2084453937-2149904728-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyÅ›lnie usuniÄ™to "HKU\S-1-5-21-3207241678-2084453937-2149904728-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => klucz pomyÅ›lnie usuniÄ™to HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. C:\Users\Magdalena\Desktop\Google Chrome.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Magdalena\Desktop\Internet Explorer.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Magdalena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Magdalena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Magdalena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Magdalena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. "C:\ProgramData\smp2.exe" => nie znaleziono. C:\Program Files (x86)\DriverToolkit => pomyÅ›lnie przeniesiono C:\Users\Magdalena\AppData\Local\BrowserAir => pomyÅ›lnie przeniesiono C:\Users\Magdalena\AppData\Roaming\OwiffMuste => pomyÅ›lnie przeniesiono C:\Windows\system32\bi3.exe => pomyÅ›lnie przeniesiono C:\Windows\SysWOW64\kz.exe => pomyÅ›lnie przeniesiono ========= netsh advfirewall reset ========= Ok. ========= Koniec CMD: ========= ========= dir /a "C:\Users\Magdalena\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2" ========= Volume in drive C has no label. Volume Serial Number is 4487-53FC Directory of C:\Users\Magdalena\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 2016-06-03 12:00 . 2016-06-03 12:00 .. 2016-05-21 03:19 Application Cache 2016-05-31 16:25 188ÿ447 Bookmarks 2016-05-30 14:55 187ÿ810 Bookmarks.bak 2016-06-03 10:30 Cache 2015-04-23 10:18 31ÿ459ÿ972 ChromeDWriteFontCache 2016-06-03 11:59 4ÿ089ÿ856 Cookies 2016-06-03 11:59 0 Cookies-journal 2016-06-03 11:59 36ÿ671 Current Session 2016-06-03 11:40 826 Current Tabs 2016-06-02 16:45 databases 2016-06-03 11:57 data_reduction_proxy_leveldb 2016-06-02 18:53 787 DownloadMetadata 2016-03-16 22:42 7ÿ168 Extension Cookies 2016-06-03 11:57 Extension State 2016-06-02 18:15 Extensions 2016-06-03 11:58 15ÿ853ÿ568 Favicons 2016-06-03 11:58 0 Favicons-journal 2016-06-02 19:21 File System 2016-06-02 15:44 GCM Store 2016-06-02 15:44 176ÿ873 Google Profile.ico 2016-06-02 19:21 GPUCache 2016-06-03 11:58 26ÿ726ÿ400 history 2016-06-03 11:40 65ÿ440 History Provider Cache 2016-06-03 11:58 8ÿ720 History-journal 2016-06-02 19:28 IndexedDB 2016-06-03 11:57 JumpListIcons 2016-06-03 10:41 JumpListIconsOld 2016-06-03 11:40 837 Last Session 2016-06-03 10:31 44ÿ704 Last Tabs 2016-06-02 15:48 Local Extension Settings 2016-06-03 10:13 Local Storage 2016-06-02 19:24 563ÿ200 Login Data 2016-06-02 19:24 0 Login Data-journal 2014-11-03 23:53 8 Managed Mode Settings 2016-06-02 19:28 Media Cache 2016-06-03 11:57 81ÿ920 Network Action Predictor 2016-06-03 11:57 0 Network Action Predictor-journal 2016-06-03 11:57 191 Network Persistent State 2016-06-02 19:22 89ÿ088 Origin Bound Certs 2016-06-02 19:22 0 Origin Bound Certs-journal 2014-11-04 00:02 Pepper Data 2016-06-02 19:28 Platform Notifications 2016-06-03 12:00 16ÿ330 Preferences 2016-06-02 21:01 24ÿ576 QuotaManager 2016-06-02 21:01 0 QuotaManager-journal 2014-11-03 23:56 180 README 2016-06-03 11:59 50ÿ222 Secure Preferences 2016-06-02 15:45 53ÿ111 Secure Preferencesgbak 2015-09-04 11:10 Service Worker 2016-06-03 11:57 Session Storage 2016-06-03 11:57 126ÿ976 Shortcuts 2016-06-03 11:57 0 Shortcuts-journal 2015-04-29 15:23 Sync Extension Settings 2016-02-10 22:45 Thumbnails 2016-06-03 10:40 20ÿ480 Top Sites 2016-06-03 10:40 0 Top Sites-journal 2016-06-03 11:58 9ÿ214 TransportSecurity 2014-11-03 23:47 User StyleSheets 2016-06-03 12:00 131ÿ072 Visited Links 2016-06-02 15:48 Web Applications 2016-06-03 11:57 589ÿ824 Web Data 2016-06-03 11:57 0 Web Data-journal 2016-06-02 15:40 589ÿ824 Web Datagbak 2016-04-01 10:12 4ÿ096 WebRTCIdentityStore 41 File(s) 81ÿ198ÿ391 bytes 25 Dir(s) 24ÿ600ÿ952ÿ832 bytes free ========= Koniec CMD: ========= EmptyTemp: => 226.7 MB danych tymczasowych UsuniÄ™to. System wymagaÅ‚ restartu. ==== Koniec Fixlog 12:00:34 ====