Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 21-12-2016 Uruchomiony przez Abi (23-12-2016 22:25:57) Run:2 Uruchomiony z C:\Users\Abi\Desktop\first Załadowane profile: Abi (Dostępne profile: Abi) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: IFEO\MRT.exe: [Debugger] C:\Windows\TEMP\weaEF50.tmp\Gubed.exe -Yrrehs R3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [524800 2016-12-15] () [Brak podpisu cyfrowego] <==== UWAGA R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [DependOnService: iThemes5]<==== UWAGA 2016-12-01 11:02 - 2016-10-28 13:37 - 00000000 ____D C:\ProgramData\ttff R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [106160 2016-12-08] () C:\Program Files (x86)\Firefox FirewallRules: [{559BF5D9-860E-48CA-8A58-D0F35DF1124F}] => C:\Program Files (x86)\Firefox\bin\FirefoxCommand.exe FirewallRules: [{9672D65A-5D9C-4C95-9D20-1769C4111470}] => C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe FirewallRules: [{FB14C3FA-891D-4707-84AC-B47625365C27}] => C:\Program Files (x86)\Firefox\Firefox.exe CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a "C:\Program Files\Common Files\System" CMD: dir /a "C:\Program Files (x86)\Common Files\System" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\Abi\AppData\Local CMD: dir /a C:\Users\Abi\AppData\LocalLow CMD: dir /a C:\Users\Abi\AppData\Roaming Reg: reg query HKLM\SYSTEM\CurrentControlSet\Services\Themes /s EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MRT.exe" => klucz pomyślnie usunięto iThemes5 => serwis pomyślnie usunięto hklm\System\CurrentControlSet\Services\Themes\\DependOnService => Wartość pomyślnie usunięto C:\ProgramData\ttff => pomyślnie przeniesiono FirefoxU => serwis pomyślnie usunięto C:\Program Files (x86)\Firefox => pomyślnie przeniesiono HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{559BF5D9-860E-48CA-8A58-D0F35DF1124F} => Wartość pomyślnie usunięto HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9672D65A-5D9C-4C95-9D20-1769C4111470} => Wartość pomyślnie usunięto HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB14C3FA-891D-4707-84AC-B47625365C27} => Wartość pomyślnie usunięto ========= dir /a "C:\Program Files" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: A09F-2278 Katalog: C:\Program Files 2016-12-05 19:30 . 2016-12-05 19:30 .. 2016-10-19 20:00 21˙448 AccessibleMarshal.dll 2016-10-19 17:39 19˙136 api-ms-win-core-console-l1-1-0.dll 2016-10-19 17:39 18˙624 api-ms-win-core-datetime-l1-1-0.dll 2016-10-19 17:39 18˙624 api-ms-win-core-debug-l1-1-0.dll 2016-10-19 17:39 18˙624 api-ms-win-core-errorhandling-l1-1-0.dll 2016-10-19 17:39 22˙208 api-ms-win-core-file-l1-1-0.dll 2016-10-19 17:39 18˙624 api-ms-win-core-file-l1-2-0.dll 2016-10-19 17:39 18˙624 api-ms-win-core-file-l2-1-0.dll 2016-10-19 17:39 18˙624 api-ms-win-core-handle-l1-1-0.dll 2016-10-19 17:39 19˙136 api-ms-win-core-heap-l1-1-0.dll 2016-10-19 17:39 19˙136 api-ms-win-core-interlocked-l1-1-0.dll 2016-10-19 17:39 19˙136 api-ms-win-core-libraryloader-l1-1-0.dll 2016-10-19 17:39 21˙184 api-ms-win-core-localization-l1-2-0.dll 2016-10-19 17:39 19˙136 api-ms-win-core-memory-l1-1-0.dll 2016-10-19 17:39 18˙624 api-ms-win-core-namedpipe-l1-1-0.dll 2016-10-19 17:39 19˙648 api-ms-win-core-processenvironment-l1-1-0.dll 2016-10-19 17:39 20˙672 api-ms-win-core-processthreads-l1-1-0.dll 2016-10-19 17:39 19˙136 api-ms-win-core-processthreads-l1-1-1.dll 2016-10-19 17:39 18˙112 api-ms-win-core-profile-l1-1-0.dll 2016-10-19 17:39 18˙112 api-ms-win-core-rtlsupport-l1-1-0.dll 2016-10-19 17:39 18˙624 api-ms-win-core-string-l1-1-0.dll 2016-10-19 17:39 20˙672 api-ms-win-core-synch-l1-1-0.dll 2016-10-19 17:39 19˙136 api-ms-win-core-synch-l1-2-0.dll 2016-10-19 17:39 19˙648 api-ms-win-core-sysinfo-l1-1-0.dll 2016-10-19 17:39 18˙624 api-ms-win-core-timezone-l1-1-0.dll 2016-10-19 17:39 18˙624 api-ms-win-core-util-l1-1-0.dll 2016-10-19 17:39 19˙648 api-ms-win-crt-conio-l1-1-0.dll 2016-10-19 17:39 22˙720 api-ms-win-crt-convert-l1-1-0.dll 2016-10-19 17:39 19˙136 api-ms-win-crt-environment-l1-1-0.dll 2016-10-19 17:39 20˙672 api-ms-win-crt-filesystem-l1-1-0.dll 2016-10-19 17:39 19˙648 api-ms-win-crt-heap-l1-1-0.dll 2016-10-19 17:39 19˙136 api-ms-win-crt-locale-l1-1-0.dll 2016-10-19 17:39 29˙376 api-ms-win-crt-math-l1-1-0.dll 2016-10-19 17:39 26˙816 api-ms-win-crt-multibyte-l1-1-0.dll 2016-10-19 17:39 73˙408 api-ms-win-crt-private-l1-1-0.dll 2016-10-19 17:39 19˙648 api-ms-win-crt-process-l1-1-0.dll 2016-10-19 17:39 23˙232 api-ms-win-crt-runtime-l1-1-0.dll 2016-10-19 17:39 24˙768 api-ms-win-crt-stdio-l1-1-0.dll 2016-10-19 17:39 24˙768 api-ms-win-crt-string-l1-1-0.dll 2016-10-19 17:39 21˙184 api-ms-win-crt-time-l1-1-0.dll 2016-10-19 17:39 19˙136 api-ms-win-crt-utility-l1-1-0.dll 2016-10-19 17:42 695 application.ini 2016-10-19 20:00 117˙192 breakpadinjector.dll 2016-09-29 10:26 Common Files 2016-09-13 17:47 CONEXANT 2016-10-19 20:00 117˙704 crashreporter.exe 2016-10-20 01:40 4˙009 crashreporter.ini 2010-05-26 19:41 2˙106˙216 D3DCompiler_43.dll 2016-10-19 17:38 3˙709˙120 d3dcompiler_47.dll 2016-10-19 19:48 494 dependentlibs.list 2009-07-14 05:54 174 desktop.ini 2016-10-19 19:45 DIFX 2009-07-14 14:00 DVD Maker 2016-09-13 18:07 Elantech 2016-09-29 10:25 EpsonNet 2016-12-01 11:45 HitmanPro 2016-09-15 17:27 Intel 2009-07-14 13:43 Internet Explorer 2016-12-01 11:23 Lenovo 2016-09-15 10:17 Microsoft Office 2009-07-14 06:32 MSBuild 2016-10-19 17:36 443˙712 msvcp140.dll 2016-09-14 21:30 NVIDIA Corporation 2009-07-14 06:32 Reference Assemblies 2016-10-19 17:39 921˙280 ucrtbase.dll 2009-07-14 06:09 Uninstall Information 2009-07-14 13:43 Windows Defender 2009-07-14 14:00 Windows Journal 2009-07-14 13:43 Windows Mail 2009-07-14 13:43 Windows Media Player 2016-09-13 17:38 Windows NT 2009-07-14 13:43 Windows Photo Viewer 2009-07-14 06:32 Windows Portable Devices 2009-07-14 13:43 Windows Sidebar 51 plik(˘w) 8˙305˙788 bajt˘w 25 katalog(˘w) 43˙137˙138˙688 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: A09F-2278 Katalog: C:\Program Files (x86) 2016-12-23 22:26 . 2016-12-23 22:26 .. 2016-10-26 23:22 0ird1qdq 2016-10-26 20:07 5rhp93xc 2016-09-13 19:38 7-Zip 2016-10-26 11:12 7rdt7rl2 2016-10-29 20:20 Adobe 2016-09-13 18:24 AGEIA Technologies 2016-12-16 12:01 ALLPlayer 2016-12-14 17:02 amuleC1 2016-09-13 18:09 Broadcom Wireless 2016-12-14 16:55 Common Files 2016-09-15 15:22 DAEMON Tools Lite 2009-07-14 05:54 174 desktop.ini 2016-11-14 11:30 e-Deklaracje 2016-09-29 10:24 epson 2016-09-29 10:24 EPSON Software 2016-12-23 21:27 Gubed_WMI 2016-10-26 21:22 hpxx7lmi 2016-10-26 19:22 hquvcbzw 2016-10-26 15:12 i36va8jr 2016-12-14 14:08 InstallShield Installation Information 2016-09-13 18:03 Intel 2009-07-14 13:43 Internet Explorer 2016-09-18 16:04 K-Lite Codec Pack 2016-10-26 15:22 kbxlfstr 2016-10-26 17:22 l5s195jz 2016-10-26 13:22 ldniti6y 2016-09-13 18:06 Lenovo 2016-10-26 19:13 lzgp9a80 2016-09-15 17:27 McAfee 2016-09-15 10:19 Microsoft Office 2016-09-15 10:19 Microsoft Visual Studio 2016-09-15 10:19 Microsoft Works 2016-09-15 10:19 Microsoft.NET 2009-07-14 06:32 MSBuild 2016-09-13 19:51 NapiProjekt 2016-12-14 16:55 Nero 2016-09-13 18:25 NVIDIA Corporation 2016-09-13 18:02 Realtek 2009-07-14 06:32 Reference Assemblies 2016-10-26 11:22 sbs4zeeq 2016-09-13 17:57 Silicon Motion 2016-10-26 10:42 svms6srj 2009-07-14 05:57 Uninstall Information 2016-11-28 18:08 USB Vibration 2016-09-15 09:34 Winamp 2016-12-23 21:27 WinArcher 2009-07-14 13:43 Windows Defender 2009-07-14 13:43 Windows Mail 2009-07-14 13:43 Windows Media Player 2009-07-14 06:32 Windows NT 2009-07-14 13:43 Windows Photo Viewer 2009-07-14 06:32 Windows Portable Devices 2009-07-14 13:43 Windows Sidebar 2016-09-13 19:37 WinRAR 2016-09-17 10:40 x1n4tpbn 2016-09-16 19:21 y6fed8ry 1 plik(˘w) 174 bajt˘w 57 katalog(˘w) 43˙137˙138˙688 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a "C:\Program Files\Common Files\System" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: A09F-2278 Katalog: C:\Program Files\Common Files\System 2009-07-14 13:43 . 2009-07-14 13:43 .. 2009-07-14 13:43 ado 2009-07-14 02:40 29˙184 DirectDB.dll 2009-07-14 13:43 en-US 2009-07-14 13:43 msadc 2009-07-14 13:43 Ole DB 2009-07-14 13:43 pl-PL 2009-07-14 02:41 886˙784 wab32.dll 2009-07-14 02:33 1˙098˙752 wab32res.dll 3 plik(˘w) 2˙014˙720 bajt˘w 7 katalog(˘w) 43˙137˙138˙688 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a "C:\Program Files (x86)\Common Files\System" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: A09F-2278 Katalog: C:\Program Files (x86)\Common Files\System 2016-09-15 10:17 . 2016-09-15 10:17 .. 2009-07-14 13:43 ado 2009-07-14 02:15 24˙064 DirectDB.dll 2009-07-14 13:43 en-US 2009-07-14 13:43 msadc 2016-09-15 10:17 MSMAPI 2016-09-15 10:19 Ole DB 2009-07-14 13:43 pl-PL 2009-07-14 02:16 708˙608 wab32.dll 2009-07-14 02:11 1˙098˙752 wab32res.dll 3 plik(˘w) 1˙831˙424 bajt˘w 8 katalog(˘w) 43˙137˙138˙688 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a C:\ProgramData ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: A09F-2278 Katalog: C:\ProgramData 2016-12-23 22:26 . 2016-12-23 22:26 .. 2016-10-30 09:29 Adobe 2016-12-16 12:01 ALLPlayer 2016-09-13 20:22 ALLPlayerRemote 2009-07-14 06:08 Application Data [C:\ProgramData] 2016-09-15 15:21 AVAST Software 2016-09-15 15:22 Avg 2016-09-15 15:22 Avira 2016-09-15 18:45 DAEMON Tools Lite 2016-09-13 17:38 Dane aplikacji [C:\ProgramData] 2009-07-14 06:08 Desktop [C:\Users\Public\Desktop] 2009-07-14 06:08 Documents [C:\Users\Public\Documents] 2016-09-13 17:38 Dokumenty [C:\Users\Public\Documents] 2016-09-29 10:29 Epson 2009-07-14 06:08 Favorites [C:\Users\Public\Favorites] 2016-12-01 11:41 HitmanPro 2016-09-13 18:02 InstallShield 2016-09-28 11:12 Malwarebytes 2016-09-15 17:25 McAfee 2016-09-13 17:38 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 2016-09-15 15:31 Microsoft 2016-09-15 10:20 Microsoft Help 2016-11-01 16:39 MoorHunt 2016-12-14 16:55 Nero 2016-12-23 21:24 NVIDIA 2016-09-15 13:45 NVIDIA Corporation 2016-09-14 21:29 Package Cache 2016-09-13 17:38 Pulpit [C:\Users\Public\Desktop] 2009-07-14 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2016-09-13 17:38 Szablony [C:\ProgramData\Microsoft\Windows\Templates] 2016-09-13 18:05 Temp 2009-07-14 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2016-09-13 17:38 Ulubione [C:\Users\Public\Favorites] 0 plik(˘w) 0 bajt˘w 34 katalog(˘w) 43˙137˙130˙496 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a C:\Users\Abi\AppData\Local ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: A09F-2278 Katalog: C:\Users\Abi\AppData\Local 2016-12-14 17:00 . 2016-12-14 17:00 .. 2016-11-09 10:34 Adobe 2016-12-14 17:01 Ahead 2016-09-13 19:51 ALLPlayer 2016-09-15 09:43 CEF 2016-12-05 19:30 CrashDumps 2016-09-13 17:38 Dane aplikacji [C:\Users\Abi\AppData\Local] 2016-12-22 22:42 Diagnostics 2016-12-23 22:16 ElevatedDiagnostics 2016-09-27 19:45 Firefox 2016-09-15 13:45 111˙648 GDIPFONTCACHEV1.DAT 2016-09-13 17:38 Historia [C:\Users\Abi\AppData\Local\Microsoft\Windows\History] 2016-12-23 00:04 4˙698˙749 IconCache.db 2016-09-15 17:28 Macromedia 2016-12-22 22:39 Microsoft 2016-09-15 10:16 Microsoft Help 2016-09-13 19:45 Mozilla 2016-09-14 19:25 NVIDIA 2016-09-14 21:33 NVIDIA Corporation 2016-09-15 15:21 Plvirygasuied 2016-09-13 19:50 Programs 2016-12-23 22:25 Temp 2016-09-13 17:38 Temporary Internet Files [C:\Users\Abi\AppData\Local\Microsoft\Windows\Temporary Internet Files] 2016-11-14 11:32 3˙223 unins000.dat 2016-11-14 11:32 711˙640 unins000.exe 2016-11-14 11:32 11˙761 unins000.msg 2016-09-15 18:54 VirtualStore 5 plik(˘w) 5˙537˙021 bajt˘w 23 katalog(˘w) 43˙137˙130˙496 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a C:\Users\Abi\AppData\LocalLow ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: A09F-2278 Katalog: C:\Users\Abi\AppData\LocalLow 2016-12-21 11:17 . 2016-12-21 11:17 .. 2016-10-29 20:14 Adobe 2016-09-15 17:28 Microsoft 2016-12-23 22:12 Mozilla 2016-12-16 11:35 Temp 2016-12-23 21:24 uTorrent 0 plik(˘w) 0 bajt˘w 7 katalog(˘w) 43˙137˙130˙496 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a C:\Users\Abi\AppData\Roaming ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: A09F-2278 Katalog: C:\Users\Abi\AppData\Roaming 2016-12-14 17:02 . 2016-12-14 17:02 .. 2016-10-29 20:15 Adobe 2016-12-14 17:02 Ahead 2016-09-15 18:45 DAEMON Tools Lite 2016-10-29 20:21 e-Deklaracje 2016-10-29 20:21 e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 2016-11-09 11:15 EPSON 2016-09-27 19:45 Firefox 2016-09-13 17:39 Identities 2016-09-13 18:01 InstallShield 2016-09-13 18:29 Intel Corporation 2016-09-15 17:28 Macromedia 2009-07-14 13:59 Media Center Programs 2016-09-18 16:05 Media Player Classic 2016-12-01 11:22 Microsoft 2016-09-13 19:39 Mozilla 2016-09-15 15:21 Profiles 2016-12-23 22:25 uTorrent 2016-09-15 09:38 Winamp 2016-10-13 22:07 WinRAR 0 plik(˘w) 0 bajt˘w 21 katalog(˘w) 43˙137˙126˙400 bajt˘w wolnych ========= Koniec CMD: ========= ========= reg query HKLM\SYSTEM\CurrentControlSet\Services\Themes /s ========= HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes Start REG_DWORD 0x2 DisplayName REG_SZ @%SystemRoot%\System32\themeservice.dll,-8192 ErrorControl REG_DWORD 0x1 Group REG_SZ ProfSvc_Group ImagePath REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs Type REG_DWORD 0x20 Description REG_SZ @%SystemRoot%\System32\themeservice.dll,-8193 ObjectName REG_SZ LocalSystem RequiredPrivileges REG_MULTI_SZ SeAssignPrimaryTokenPrivilege\0SeDebugPrivilege\0SeImpersonatePrivilege FailureActions REG_BINARY 80510100000000000000000003000000140000000100000060EA00000100000060EA00000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes\Parameters ServiceDllUnloadOnStop REG_DWORD 0x1 ServiceMain REG_SZ ThemeServiceMain ServiceDll REG_EXPAND_SZ %SystemRoot%\system32\themeservice.dll ========= Koniec Reg: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 106683448 B Java, Flash, Steam htmlcache => 2706 B Windows/system/drivers => 19481904 B Edge => 0 B Chrome => 0 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 19463 B systemprofile32 => 6033037 B LocalService => 66228 B NetworkService => 0 B Abi => 66909157 B RecycleBin => 0 B EmptyTemp: => 198 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 22:26:34 ====