Anonim / 2 lata, 5 miesięcy temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Marcin at 2015-07-02 16:31:22 Run:1
Running from C:\Users\Marcin\Downloads
Loaded Profiles: Marcin (Available Profiles: Marcin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220140828
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220140828
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2413398751-1926525891-2327230122-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-2413398751-1926525891-2327230122-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF DefaultSearchEngine: Yahoo! Search
FF SelectedSearchEngine: Yahoo! Search
FF SearchPlugin: C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\nysvil98.default\searchplugins\keepmysearch.xml [2014-07-16]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-07-02 10:41 - 2015-07-02 10:48 - 00000000 ____D C:\AdwCleaner
2015-07-01 09:34 - 2015-07-01 14:36 - 00000000 ___HD C:\Users\Marcin\AppData\Roaming\9E2A446A
2015-07-01 09:34 - 2015-07-01 09:35 - 00000000 ___HD C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
CustomCLSID: HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\ddraw.dll (rtrspocfMoa tonooiiCr) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {2762E714-702E-4238-A0AD-923BF0D7A2DB} - System32\Tasks\{06DAF6F2-729A-4760-8670-F7042714B9A0} => Iexplore.exe http://ui.skype.com/ui/0/6.18.0.105/pl/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {11B20359-6BF6-497B-8DC9-C038FEE854BC} - System32\Tasks\{B6CC27EC-D40B-46C1-BDDA-50A4F56AB9DE} => C:\Users\Marcin\Desktop\gimp-2.6.12-i686-setup-2.exe
Task: {79CDFE1F-47DA-49A1-BA81-622CCBC2C2D1} - System32\Tasks\Driver Robot => C:\Program Files (x86)\Driver Robot\Driver Robot.lnk [2014-03-09] ()
Task: {87239351-9D12-498A-8209-B96C6325E660} - System32\Tasks\{EFEF5DF1-F083-4F3F-BC97-578A01870D34} => Iexplore.exe http://ui.skype.com/ui/0/6.18.0.105/pl/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {89E0ED43-B8AE-4800-ADD9-5AE0118BB7D9} - System32\Tasks\{05245DA3-1E44-4D01-A7E0-37C25EE64ADA} => pcalua.exe -a C:\Users\Marcin\Desktop\Minecraft-Setup.exe -d C:\Users\Marcin\Desktop
EmptyTemp:
*****************

Processes closed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2413398751-1926525891-2327230122-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found. 
HKU\S-1-5-21-2413398751-1926525891-2327230122-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. 
Firefox DefaultSearchEngine removed successfully
Firefox SelectedSearchEngine removed successfully
C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\nysvil98.default\searchplugins\keepmysearch.xml => moved successfully.
ew_usbenumfilter => Service removed successfully
huawei_cdcacm => Service removed successfully
huawei_cdcecm => Service removed successfully
huawei_enumerator => Service removed successfully
huawei_ext_ctrl => Service removed successfully
VGPU => Service removed successfully
C:\AdwCleaner => moved successfully.
C:\Users\Marcin\AppData\Roaming\9E2A446A => moved successfully.

"C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}" folder move:

Could not move "C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}" folder => Scheduled to move on reboot.

"HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully
"HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully
"HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully
"HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully
"HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully
"HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}" => key removed successfully
"HKU\S-1-5-21-2413398751-1926525891-2327230122-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2762E714-702E-4238-A0AD-923BF0D7A2DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2762E714-702E-4238-A0AD-923BF0D7A2DB}" => key removed successfully
C:\Windows\System32\Tasks\{06DAF6F2-729A-4760-8670-F7042714B9A0} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{06DAF6F2-729A-4760-8670-F7042714B9A0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11B20359-6BF6-497B-8DC9-C038FEE854BC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11B20359-6BF6-497B-8DC9-C038FEE854BC}" => key removed successfully
C:\Windows\System32\Tasks\{B6CC27EC-D40B-46C1-BDDA-50A4F56AB9DE} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B6CC27EC-D40B-46C1-BDDA-50A4F56AB9DE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79CDFE1F-47DA-49A1-BA81-622CCBC2C2D1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79CDFE1F-47DA-49A1-BA81-622CCBC2C2D1}" => key removed successfully
C:\Windows\System32\Tasks\Driver Robot => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Robot" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87239351-9D12-498A-8209-B96C6325E660}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87239351-9D12-498A-8209-B96C6325E660}" => key removed successfully
C:\Windows\System32\Tasks\{EFEF5DF1-F083-4F3F-BC97-578A01870D34} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EFEF5DF1-F083-4F3F-BC97-578A01870D34}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89E0ED43-B8AE-4800-ADD9-5AE0118BB7D9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89E0ED43-B8AE-4800-ADD9-5AE0118BB7D9}" => key removed successfully
C:\Windows\System32\Tasks\{05245DA3-1E44-4D01-A7E0-37C25EE64ADA} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{05245DA3-1E44-4D01-A7E0-37C25EE64ADA}" => key removed successfully
EmptyTemp: => 253.8 MB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-02 16:33:14)<=

C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8} => Is moved successfully

==== End of Fixlog 16:33:14 ====