Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 10-07-2016 01 Uruchomiony przez Bolec (2016-07-12 00:43:23) Run:7 Uruchomiony z C:\Users\Bolec\Downloads Załadowane profile: Bolec (Dostępne profile: Bolec) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: AppInit_DLLs: C:\ProgramData\xifs\Groovelam.dll => C:\ProgramData\xifs\Groovelam.dll [363008 2016-07-08] () AppInit_DLLs-x32: C:\ProgramData\xifs\Scottech.dll => C:\ProgramData\xifs\Scottech.dll [257536 2016-07-08] () S2 xifs; C:\ProgramData\\xifs\\xifs.exe [400896 2016-07-08] () [Brak podpisu cyfrowego] Task: {E0641DFE-A70B-43A4-861F-FC85C068AA40} - System32\Tasks\Driver Booster SkipUAC (Bolec) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe ShortcutWithArgument: C:\Users\Bolec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> E:\Programy\Mozilla Firefox () -> %SNF% ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> E:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF% ShortcutWithArgument: C:\Users\Bolec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP% ShortcutWithArgument: C:\Users\Bolec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP% ShortcutWithArgument: C:\Users\Bolec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> E:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF% ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> E:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF% HKU\S-1-5-21-865181693-1974036264-3221311095-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNeoIGShepo8uLJ7xv4O2s041dKJO6l2gCDI2UeQLByM6bClPTbjr0fPUZqiOWpJwfimBtAiEUkFQTLBe71LhpGFVBS9pA_nb2dqW4ffuJPh129LABq6bQgdvLvekQ34YW9UbpA34Hb5AteAdFN3ncj_F8dGdJYX6aOTBPE-k2KAE,&q={searchTerms} HKU\S-1-5-21-865181693-1974036264-3221311095-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNeoIGShepo8uLJ7xv4O2s041dKJO6l2gCDI2UeQLByM6bClPTbjr0fPUZqiOWpJwfimBtAiEUkFQTLBtydo4tvZOMtZG43EE93YYX2PCO0QP0vNPzGCB-1ZjjwS5KmrjpCbiodksEu1bCkYh2nCk7odGwWj2liHuI5vj2ZK-mBFo, HKU\S-1-5-21-865181693-1974036264-3221311095-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNeoIGShepo8uLJ7xv4O2s041dKJO6l2gCDI2UeQLByM6bClPTbjr0fPUZqiOWpJwfimBtAiEUkFQTLBe71LhpGFVBS9pA_nb2dqW4ffuJPh129LABq6bQgdvLvekQ34YW9UbpA34Hb5AteAdFN3ncj_F8dGdJYX6aOTBPE-k2KAE,&q={searchTerms} HKU\S-1-5-21-865181693-1974036264-3221311095-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNeoIGShepo8uLJ7xv4O2s041dKJO6l2gCDI2UeQLByM6bClPTbjr0fPUZqiOWpJwfimBtAiEUkFQTLBe71LhpGFVBS9pA_nb2dqW4ffuJPh129LABq6bQgdvLvekQ34YW9UbpA34Hb5AteAdFN3ncj_F8dGdJYX6aOTBPE-k2KAE,&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNeoIGShepo8uLJ7xv4O2s041dKJO6l2gCDI2UeQLByM6bClPTbjr0fPUZqiOWpJwfimBtAiEUkFQTLBe71LhpGFVBS9pA_nb2dqW4ffuJPh129LABq6bQgdvLvekQ34YW9UbpA34Hb5AteAdFN3ncj_F8dGdJYX6aOTBPE-k2KAE,&q={searchTerms} SearchScopes: HKU\S-1-5-21-865181693-1974036264-3221311095-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNeoIGShepo8uLJ7xv4O2s041dKJO6l2gCDI2UeQLByM6bClPTbjr0fPUZqiOWpJwfimBtAiEUkFQTLBe71LhpGFVBS9pA_nb2dqW4ffuJPh129LABq6bQgdvLvekQ34YW9UbpA34Hb5AteAdFN3ncj_F8dGdJYX6aOTBPE-k2KAE,&q={searchTerms} SearchScopes: HKU\S-1-5-21-865181693-1974036264-3221311095-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNeoIGShepo8uLJ7xv4O2s041dKJO6l2gCDI2UeQLByM6bClPTbjr0fPUZqiOWpJwfimBtAiEUkFQTLBe71LhpGFVBS9pA_nb2dqW4ffuJPh129LABq6bQgdvLvekQ34YW9UbpA34Hb5AteAdFN3ncj_F8dGdJYX6aOTBPE-k2KAE,&q={searchTerms} DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains DeleteKey: HKCU\Software\Microsoft\Internet Explorer\Search DeleteKey: HKCU\Software\Microsoft\Internet Explorer\SearchUrl DeleteKey: HKLM\SOFTWARE\Microsoft\Internet Explorer\Search DeleteKey: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl DeleteKey: HKLM\SOFTWARE\Wow6432Node\Google DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchUrl Reg: reg delete HKCU\Environment /v SNF /f Reg: reg delete HKCU\Environment /v SNP /f C:\Program Files\Common Files\uwqb4avd.exe C:\ProgramData\xifs C:\ProgramData\xifss C:\Users\Bolec\AppData\Roaming\ProxySettings.dll C:\Users\Bolec\AppData\Roaming\uninstall_temp.ico C:\Windows\SysWOW64\findit.xml C:\Windows\SysWOW64\temp.* EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "C:\ProgramData\xifs\Groovelam.dll" => Dane wartości nie znaleziono. "C:\ProgramData\xifs\Scottech.dll" => Dane wartości nie znaleziono. xifs => serwis pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0641DFE-A70B-43A4-861F-FC85C068AA40} => klucz nie znaleziono. C:\Windows\System32\Tasks\Driver Booster SkipUAC (Bolec) => nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Bolec) => klucz nie znaleziono. C:\Users\Bolec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Bolec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Bolec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Bolec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Public\Desktop\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto. HKU\S-1-5-21-865181693-1974036264-3221311095-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-865181693-1974036264-3221311095-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-865181693-1974036264-3221311095-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => Wartość pomyślnie usunięto HKU\S-1-5-21-865181693-1974036264-3221311095-1000\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => Wartość pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\ielnksrch => klucz nie znaleziono. HKU\S-1-5-21-865181693-1974036264-3221311095-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto "HKU\S-1-5-21-865181693-1974036264-3221311095-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}" => klucz pomyślnie usunięto HKCR\CLSID\{ielnksrch} => klucz nie znaleziono. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains => klucz nie znaleziono. HKCU\Software\Microsoft\Internet Explorer\Search => klucz pomyślnie usunięto HKCU\Software\Microsoft\Internet Explorer\SearchUrl => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Internet Explorer\Search => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\Google => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchUrl => klucz pomyślnie usunięto ========= reg delete HKCU\Environment /v SNF /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete HKCU\Environment /v SNP /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= "C:\Program Files\Common Files\uwqb4avd.exe" => nie znaleziono. C:\ProgramData\xifs => pomyślnie przeniesiono C:\ProgramData\xifss => pomyślnie przeniesiono "C:\Users\Bolec\AppData\Roaming\ProxySettings.dll" => nie znaleziono. "C:\Users\Bolec\AppData\Roaming\uninstall_temp.ico" => nie znaleziono. C:\Windows\SysWOW64\findit.xml => pomyślnie przeniesiono =========== "C:\Windows\SysWOW64\temp.*" ========== nie znaleziono ========= Koniec -> "C:\Windows\SysWOW64\temp.*" ======== =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5918123 B Java, Flash, Steam htmlcache => 492 B Windows/system/drivers => 18930 B Edge => 0 B Chrome => 0 B Firefox => 6149452 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B Bolec => 1552734 B RecycleBin => 11841 B EmptyTemp: => 21 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 00:44:07 ====