Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 27-11-2016 Uruchomiony przez Dawid (30-11-2016 15:43:33) Run:1 Uruchomiony z C:\Users\Dawid\Desktop\LSO Załadowane profile: Dawid (Dostępne profile: Dawid) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=101&systemid=488&v=a15007-498&apn_uid=6693905175044420&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=101&systemid=488&v=a15007-498&apn_uid=6693905175044420&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms} CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1434044799&z=f2e20c3c95e5902245642b6g5z0cbz1e2z2zcm7tcb&from=ient06110&uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F130353403534 CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1434044799&z=f2e20c3c95e5902245642b6g5z0cbz1e2z2zcm7tcb&from=ient06110&uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F130353403534" MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] C:\Users\Dawid\Desktop\ByteFence Anti-Malware.lnk C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence Task: {95C206D0-F552-4812-AD59-04E290B4F526} - System32\Tasks\{2CA0E579-0BED-46B9-ABD8-DD6E0FDEE3B2} => pcalua.exe -a C:\Users\Dawid\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=smt <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.delta-homes.com/?type=sc&ts=1434044799&z=f2e20c3c95e5902245642b6g5z0cbz1e2z2zcm7tcb&from=ient06110&uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F130353403534 ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1418825982&from=wpm12173&uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F130353403534 Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal\Counter-Strike Global Offensive\Counter-Strike Global Offensive.lnk -> C:\Program Files\Strogino CS Portal\Counter-Strike Global Offensive\Counter-Strike_Global_Offensive.exe (Brak pliku) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal\Counter-Strike Global Offensive\Deinstalacja programu Counter-Strike Global Offensive.lnk -> C:\Program Files\Strogino CS Portal\Counter-Strike Global Offensive\unins000.exe (Brak pliku) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal\Counter-Strike Global Offensive\Update Counter-Strike Global Offensive.lnk -> C:\Program Files\Strogino CS Portal\Counter-Strike Global Offensive\Csgo_Updater.exe (Brak pliku) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dzrepack\Far Cry 4\Far Cry 4.lnk -> C:\Program Files (x86)\dzrepack\Far Cry 4\bin\FarCry4.exe (Brak pliku) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dzrepack\Far Cry 4\Uninstall Far Cry 4.lnk -> C:\Program Files (x86)\dzrepack\Far Cry 4\unins000.exe (Brak pliku) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite\Astroburn Lite.lnk -> C:\Program Files (x86)\Astroburn Lite\AstroburnLite.exe (Brak pliku) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Homepage.lnk -> C:\Program Files (x86)\Ares\data\Homepage.url (Brak pliku) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Host Chatroom.lnk -> C:\Program Files (x86)\Ares\chatServer.exe (Brak pliku) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid\AirDroid.lnk -> C:\Program Files (x86)\AirDroid\Launcher.exe (Brak pliku) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid\Uninstall.lnk -> C:\Program Files (x86)\AirDroid\uninst.exe (Brak pliku) Shortcut: C:\Users\Dawid\Desktop\ByteFence Anti-Malware.lnk -> C:\Program Files\ByteFence\ByteFence.exe (Brak pliku) Shortcut: C:\Users\Dawid\Desktop\PULPIT\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Brak pliku) Shortcut: C:\Users\Dawid\Desktop\PULPIT\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\McUICnt.exe (Brak pliku) Shortcut: C:\Users\Dawid\Desktop\PULPIT\PENDRIVE\Aneta\Rok 2010-2011\praezentacje\Ares.lnk -> C:\Users\Dawid\Documents\Ares\Ares.exe (Brak pliku) Shortcut: C:\Users\Dawid\Desktop\PULPIT\PENDRIVE\Aneta\Nowy folder\Dedicated Server.lnk -> C:\Program Files\Counter-Strike 1.6\hlds.exe (Brak pliku) Shortcut: C:\Users\Dawid\Desktop\PULPIT\PENDRIVE\Aneta\Ewaluacja\Ares.lnk -> C:\Users\Dawid\Documents\Ares\Ares.exe (Brak pliku) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence\ByteFence Anti-Malware.lnk -> C:\Program Files\ByteFence\ByteFence.exe (Brak pliku) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AirDroid.lnk -> C:\Program Files (x86)\AirDroid\Launcher.exe (Brak pliku) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk -> C:\Program Files (x86)\Bandicam\bdcam.exe (Brak pliku) hortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.delta-homes.com/?type=sc&ts=1434044799&z=f2e20c3c95e5902245642b6g5z0cbz1e2z2zcm7tcb&from=ient06110&uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F130353403534 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Assassin's Creed IV - Black Flag.lnk -> C:\Games\Assassin's Creed IV - Black Flag\Launcher.exe () -> hxxp://www.delta-homes.com/?type=sc&ts=1434044799&z=f2e20c3c95e5902245642b6g5z0cbz1e2z2zcm7tcb&from=ient06110&uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F130353403534 ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1418825982&from=wpm12173&uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F130353403534 ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1418825982&from=wpm12173&uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F130353403534 Empty Temp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}" => klucz pomyślnie usunięto HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} => klucz nie znaleziono. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} => klucz nie znaleziono. Chrome HomePage => pomyślnie usunięto Chrome StartupUrls => pomyślnie usunięto MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia. Synth3dVsc => serwis pomyślnie usunięto tsusbhub => serwis pomyślnie usunięto VGPU => serwis pomyślnie usunięto C:\Users\Dawid\Desktop\ByteFence Anti-Malware.lnk => pomyślnie przeniesiono C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95C206D0-F552-4812-AD59-04E290B4F526}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95C206D0-F552-4812-AD59-04E290B4F526}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{2CA0E579-0BED-46B9-ABD8-DD6E0FDEE3B2} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2CA0E579-0BED-46B9-ABD8-DD6E0FDEE3B2}" => klucz pomyślnie usunięto C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Skrót - argument pomyślnie przywrócono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal\Counter-Strike Global Offensive\Counter-Strike Global Offensive.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal\Counter-Strike Global Offensive\Deinstalacja programu Counter-Strike Global Offensive.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal\Counter-Strike Global Offensive\Update Counter-Strike Global Offensive.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dzrepack\Far Cry 4\Far Cry 4.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dzrepack\Far Cry 4\Uninstall Far Cry 4.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite\Astroburn Lite.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Homepage.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Host Chatroom.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid\AirDroid.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid\Uninstall.lnk => pomyślnie przeniesiono C:\Users\Dawid\Desktop\ByteFence Anti-Malware.lnk => nie znaleziono. C:\Users\Dawid\Desktop\PULPIT\Malwarebytes Anti-Malware.lnk => pomyślnie przeniesiono C:\Users\Dawid\Desktop\PULPIT\McAfee Security Scan Plus.lnk => pomyślnie przeniesiono C:\Users\Dawid\Desktop\PULPIT\PENDRIVE\Aneta\Rok 2010-2011\praezentacje\Ares.lnk => pomyślnie przeniesiono C:\Users\Dawid\Desktop\PULPIT\PENDRIVE\Aneta\Nowy folder\Dedicated Server.lnk => pomyślnie przeniesiono C:\Users\Dawid\Desktop\PULPIT\PENDRIVE\Aneta\Ewaluacja\Ares.lnk => pomyślnie przeniesiono C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence\ByteFence Anti-Malware.lnk => nie znaleziono. C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AirDroid.lnk => pomyślnie przeniesiono C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk => pomyślnie przeniesiono hortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.delta-homes.com/?type=sc&ts=1434044799&z=f2e20c3c95e5902245642b6g5z0cbz1e2z2zcm7tcb&from=ient06110&uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F130353403534 => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Assassin's Creed IV - Black Flag.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Skrót - argument pomyślnie przywrócono =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 50470610 B Java, Flash, Steam htmlcache => 278018203 B Windows/system/drivers => 564127538 B Edge => 0 B Chrome => 687354826 B Firefox => 370103444 B Opera => 14866685 B Temp, IE cache, history, cookies, recent: Default => 66228 B Public => 0 B ProgramData => 0 B systemprofile => 56325725 B systemprofile32 => 75436 B LocalService => 66228 B NetworkService => 1095868 B Dawid => 35543427457 B RecycleBin => 27470239794 B EmptyTemp: => 60.6 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 15:46:55 ====