Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 07-06-2017
Uruchomiony przez MI (07-06-2017 19:31:22) Run:2
Uruchomiony z D:\Programy\skanowanie komputera i raporty
Załadowane profile: MI & postgres (Dostępne profile: MI & postgres)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
DeleteKey: HKLM\SOFTWARE\Mozilla
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Eggper
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Firefox
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Mozilla
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\ftp
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\http
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\https
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\irc
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\mailto
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\mms
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\news
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\nntp
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\sms
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\smsto
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\tel
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\urn
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\webcal
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Eggper
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Firefox
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Mozilla
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\37de59f2_0
DeleteKey: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{1A49764D-CF78-4AD5-94D6-68A341A9ECCC}
DeleteValue: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\Firefox\Firefox.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
DeleteValue: HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files (x86)\Firefox\uninstall\helper.exe
U2 CSHMDR; Brak ImagePath
U2 CWASRE; Brak ImagePath
U2 snare; Brak ImagePath
U2 WinSnare; Brak ImagePath
RemoveDirectory: C:\FRST\Quarantine
CMD: del /q "C:\Users\MI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - .lnk"
*****************

HKLM\SOFTWARE\Mozilla => klucz pomyślnie usunięto
HKLM\SOFTWARE\WOW6432Node\Eggper => klucz pomyślnie usunięto
HKLM\SOFTWARE\WOW6432Node\Firefox => klucz pomyślnie usunięto
HKLM\SOFTWARE\WOW6432Node\Mozilla => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\ftp => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\http => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\https => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\irc => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\mailto => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\mms => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\news => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\nntp => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\sms => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\smsto => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\tel => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\urn => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\webcal => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Eggper => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Firefox => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Mozilla => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\37de59f2_0 => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{1A49764D-CF78-4AD5-94D6-68A341A9ECCC} => klucz pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Firefox\Firefox.exe.FriendlyAppName => Wartość pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe => Wartość pomyślnie usunięto
HKU\S-1-5-21-570807183-2887973835-1248124564-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files (x86)\Firefox\uninstall\helper.exe => Wartość pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\CSHMDR => klucz pomyślnie usunięto
CSHMDR => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\CWASRE => klucz pomyślnie usunięto
CWASRE => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\snare => klucz pomyślnie usunięto
snare => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\WinSnare => klucz pomyślnie usunięto
WinSnare => serwis pomyślnie usunięto
"C:\FRST\Quarantine" => pomyślnie usunięto.

========= del /q "C:\Users\MI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - .lnk" =========


========= Koniec  CMD: =========


==== Koniec  Fixlog 19:31:45 ====