Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 28-09-2016 Uruchomiony przez hp 250 (30-09-2016 16:06:56) Run:1 Uruchomiony z G:\ Załadowane profile: hp 250 (Dostępne profile: hp 250 & Magdalena) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CMD: type C:\ProgramData\uid.txt Startup: C:\Users\hp 250\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\einfo.exe [2016-09-28] () HKLM-x32\...\Run: [] => [X] Winlogon\Notify\igfxcui: igfxdev.dll [X] ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku CustomCLSID: HKU\S-1-5-21-2885112695-2845545208-2409991739-1001_Classes\CLSID\{1F830936-B874-E793-74C3-D7CB2589A5B5}\InprocServer32 -> C:\Users\hp 250\AppData\Roaming\HP\Digital Imaging\Data\Destination\profile.ini () CustomCLSID: HKU\S-1-5-21-2885112695-2845545208-2409991739-1001_Classes\CLSID\{81796566-F369-C99A-1C26-1A74AF8046E5}\InprocServer32 -> C:\Users\hp 250\AppData\Roaming\Adobe\Acrobat\11.0\Security\services_rdr.txt () Task: {174E3E8C-16B0-4FB3-BFC8-2D0C0116BD1B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {19ABC829-E351-485C-96E3-7C1923FF5444} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {32FFF0F3-40BE-4A2E-B372-1F8DD66EF27B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe Task: {419538FF-502A-4620-BDA9-6B5E5D8D483B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {4D8048AD-BA0A-4EC9-82E2-8C05A7F25C95} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {6AA856D3-45F5-4521-BD97-A984DAF3F14A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {6AF63FD3-A13C-46D5-B2A4-24E7106DA93A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {830F3E9D-BC8F-42E2-8FB8-F19F4F9DE620} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {93EDD824-D08B-464F-B077-394743B51693} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {9F0AB603-4A2D-47E7-A51F-8B932D6B6AC5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {CDC1B183-B322-49D9-AA67-F7C1A8AF7722} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {F691E682-FB57-4399-ABA4-7A3F12607A97} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-29] () S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.) DeleteKey: HKCU\Software\Google DeleteKey: HKCU\Software\Mozilla\Firefox\Extensions DeleteKey: HKCU\Software\MozillaPlugins C:\ProgramData\uid.txt C:\ProgramData\AVAST Software C:\Users\hp 250\AppData\Roaming\uid.txt C:\Users\hp 250\AppData\Roaming\Adobe\Acrobat\11.0\Security\services_rdr.txt C:\Users\hp 250\AppData\Roaming\Enigma Software Group C:\Users\hp 250\AppData\Roaming\HP\Digital Imaging\Data\Destination\profile.ini C:\Windows\System32\Drivers\EsgScanner.sys C:\Windows\System32\drivers\mfeelamk.sys CMD: netsh advfirewall reset EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. ========= type C:\ProgramData\uid.txt ========= Your UID: U1CYB96TUT ========= Koniec CMD: ========= C:\Users\hp 250\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\einfo.exe => nie znaleziono. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wartość pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => klucz pomyślnie usunięto "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => klucz pomyślnie usunięto HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => klucz nie znaleziono. "HKU\S-1-5-21-2885112695-2845545208-2409991739-1001_Classes\CLSID\{1F830936-B874-E793-74C3-D7CB2589A5B5}" => klucz pomyślnie usunięto "HKU\S-1-5-21-2885112695-2845545208-2409991739-1001_Classes\CLSID\{81796566-F369-C99A-1C26-1A74AF8046E5}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{174E3E8C-16B0-4FB3-BFC8-2D0C0116BD1B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{174E3E8C-16B0-4FB3-BFC8-2D0C0116BD1B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19ABC829-E351-485C-96E3-7C1923FF5444}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19ABC829-E351-485C-96E3-7C1923FF5444}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32FFF0F3-40BE-4A2E-B372-1F8DD66EF27B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32FFF0F3-40BE-4A2E-B372-1F8DD66EF27B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{419538FF-502A-4620-BDA9-6B5E5D8D483B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{419538FF-502A-4620-BDA9-6B5E5D8D483B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D8048AD-BA0A-4EC9-82E2-8C05A7F25C95}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D8048AD-BA0A-4EC9-82E2-8C05A7F25C95}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AA856D3-45F5-4521-BD97-A984DAF3F14A}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AA856D3-45F5-4521-BD97-A984DAF3F14A}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AF63FD3-A13C-46D5-B2A4-24E7106DA93A}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AF63FD3-A13C-46D5-B2A4-24E7106DA93A}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{830F3E9D-BC8F-42E2-8FB8-F19F4F9DE620}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{830F3E9D-BC8F-42E2-8FB8-F19F4F9DE620}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93EDD824-D08B-464F-B077-394743B51693}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93EDD824-D08B-464F-B077-394743B51693}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F0AB603-4A2D-47E7-A51F-8B932D6B6AC5}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F0AB603-4A2D-47E7-A51F-8B932D6B6AC5}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CDC1B183-B322-49D9-AA67-F7C1A8AF7722}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDC1B183-B322-49D9-AA67-F7C1A8AF7722}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F691E682-FB57-4399-ABA4-7A3F12607A97}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F691E682-FB57-4399-ABA4-7A3F12607A97}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => klucz pomyślnie usunięto EsgScanner => serwis pomyślnie usunięto mfeelamk => serwis pomyślnie usunięto HKCU\Software\Google => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKCU\Software\Google => klucz pomyślnie usunięto HKCU\Software\Mozilla\Firefox\Extensions => klucz pomyślnie usunięto HKCU\Software\MozillaPlugins => klucz pomyślnie usunięto C:\ProgramData\uid.txt => pomyślnie przeniesiono C:\ProgramData\AVAST Software => pomyślnie przeniesiono C:\Users\hp 250\AppData\Roaming\uid.txt => pomyślnie przeniesiono C:\Users\hp 250\AppData\Roaming\Adobe\Acrobat\11.0\Security\services_rdr.txt => pomyślnie przeniesiono C:\Users\hp 250\AppData\Roaming\Enigma Software Group => pomyślnie przeniesiono C:\Users\hp 250\AppData\Roaming\HP\Digital Imaging\Data\Destination\profile.ini => pomyślnie przeniesiono C:\Windows\System32\Drivers\EsgScanner.sys => pomyślnie przeniesiono C:\Windows\System32\drivers\mfeelamk.sys => pomyślnie przeniesiono ========= netsh advfirewall reset ========= Ok. ========= Koniec CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 294149 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31768448 B Java, Flash, Steam htmlcache => 828 B Windows/system/drivers => 65613933 B Edge => 876343 B Chrome => 0 B Firefox => 83274297 B Opera => 4098048 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 32226 B NetworkService => 7180 B hp 250 => 205137325 B Magdalena => 167792 B RecycleBin => 0 B EmptyTemp: => 373.1 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 16:07:59 ====