Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:12-12-2015 Uruchomiony przez Ja (2015-12-12 17:45:34) Run:1 Uruchomiony z C:\Users\Ja\Desktop Załadowane profile: user & Ja (Dostępne profile: user & Ja) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: R2 IhPul; C:\Users\Ja\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com) R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [170144 2015-11-27] (TODO: ) R2 WdMan; C:\ProgramData\OWdMO\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego] S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-12] () S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll HKLM-x32\...\Run: [] => [X] Startup: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\[ZODIAC-TORRENT]Enemy Front pl GTX BOX Team.lnk [2015-01-19] GroupPolicy: Ograniczenia - Chrome <======= UWAGA GroupPolicyUsers\S-1-5-21-1225892358-4206154676-1196454770-1004\User: Ograniczenia <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA Task: {06DA7291-2C86-4190-A5F7-DEA935E8BB5A} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== UWAGA Task: {1033F4D6-1EE5-4A16-8C88-58923AEC05D7} - System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-6 => C:\Program Files (x86)\Plus-HD-V1.5\Plus-HD-V1.5-novainstaller.exe <==== UWAGA Task: {15676017-F7A5-45A1-AD74-CE78106C290B} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== UWAGA Task: {1C4EC356-6268-4D74-8C82-595460A75E38} - System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-3 => C:\Program Files (x86)\Plus-HD-V1.5\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-3.exe <==== UWAGA Task: {26584EA1-4805-4457-9D9C-901ECE8711CD} - System32\Tasks\AVG-Secure-Search-Update_1114tb_rel => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_1114tb.exe [2014-11-12] () Task: {2659261D-C668-4E22-A4C6-777626CA908C} - System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-1 => C:\Program Files (x86)\Plus-HD-V1.5\Plus-HD-V1.5-codedownloader.exe <==== UWAGA Task: {2ABE911D-512D-4285-AADE-FD8D1126B437} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo) Task: {421D7E7A-C574-4EBF-9E15-724C7B81CC76} - System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-5 => C:\Program Files (x86)\Plus-HD-V1.5\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-5.exe <==== UWAGA Task: {5FC657F6-7C8A-4AD6-B277-E2B59081DFE9} - System32\Tasks\24seven_savings_updating_service => C:\Program Files (x86)\24Seven savings\24seven_savings_updating_service.exe <==== UWAGA Task: {63C9CA90-8C5E-4727-B1ED-0B7D490BD8E2} - System32\Tasks\{7B401992-80A7-496C-A00C-28922201ACE6} => pcalua.exe -a "C:\Downloads\The Sims 3 - Late Night\Sims3EP03Setup.exe" -d "C:\Downloads\The Sims 3 - Late Night" Task: {65097CF6-A50B-4268-957A-825A03FAB30F} - System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-7 => C:\Program Files (x86)\Plus-HD-V1.5\Plus-HD-V1.5-nova.exe <==== UWAGA Task: {75A3B21B-1505-4D5B-9E85-A6589282D97B} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== UWAGA Task: {84372649-2937-4A56-BC95-3CBBC41F3137} - System32\Tasks\24seven_savings_notification_service => C:\Program Files (x86)\24Seven savings\24seven_savings_notification_service.exe <==== UWAGA Task: {8CB03D6E-EFA1-480A-971C-AE1F1592DBF6} - System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-4 => C:\Program Files (x86)\Plus-HD-V1.5\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-4.exe <==== UWAGA Task: {8DFD487F-641C-4069-AA8E-E4C86736F1C2} - System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-2 => C:\Program Files (x86)\Plus-HD-V1.5\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-2.exe <==== UWAGA Task: {A9DFA9B4-3A9F-4882-9940-80C4D6129064} - System32\Tasks\{FA0E6C78-2779-4C0D-8D26-92D8C0D283D3} => pcalua.exe -a "E:\Metin2 Ravia.eu\uninstall.exe" -d "E:\Metin2 Ravia.eu" Task: {B5D5ABF0-2CEA-459B-AC2E-21ABDCBB1B9B} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== UWAGA Task: {B617C728-DB21-4BFE-9E64-42565E032E46} - System32\Tasks\Open Chrome => Chrome.exe --new-window hxxp://toolbar.avg.com/almost-done?pid=safeguard&lang=pl Task: {D0D23204-06C9-44AD-9F3B-C8BF077382FF} - System32\Tasks\AVG-Secure-Search-Update_1114tb_rmv => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_1114tb.exe [2014-11-12] () Task: {D2673AD9-B120-46A5-8458-04E0CD90C8D3} - System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-11 => C:\Program Files (x86)\Plus-HD-V1.5\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-11.exe <==== UWAGA Task: {D883BDC1-7888-48E5-9A96-D6B0810B6DCD} - System32\Tasks\{2019024D-F198-4DA7-9033-389ECD7F3641} => pcalua.exe -a "C:\Downloads\The Sims 3 - Movie Stuff\Sims3SP09Setup.exe" -d "C:\Downloads\The Sims 3 - Movie Stuff" Task: {E03EF19D-01E3-4258-A5C4-4058894A2C43} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== UWAGA Task: {EF9B2BA6-DF21-4BAE-AB88-276D167B8B09} - System32\Tasks\{60E44BFB-8202-4687-955D-1776351AFC95} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.106/pl/abandoninstall?page=tsMain Task: C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-1.job => C:\Program Files (x86)\Plus-HD-V1.5\Plus-HD-V1.5-codedownloader.exe?/WHlKt /FTjVrg=task /Tslqtz='Plus-HD-V1.5' /sXvLS=59562 /sXpxq='001690' /jAErLa='0' /RsOnpaMiX='0' /gZLMO=CB509E3AE97E4CB49E9B94EF52FF7179IE /eHTOvF=43bc79ed9badaca972434e940073ba96 /UvyZbFWfj=1_34_06_10 /jNWHyHawn=1.34.6.10 /yFIPXHM=1404068259 /QGQNPkKYM=hxxp:/stats.datagenserv.com /gxkGk=hxxp:/errors.datagenserv.com /SqYoDeZx=hxxp:/js.datagenserv.com /MlWHEFwVW=ch /ZnpqwPR=hxxp:/js.clientdemocloud.com /zTlKDOn /lWWiCcsy='{asw:[1, 67108929, 0]}' /gWZbpO='hxxp:/update.datagenserv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== UWAGA Task: C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-11.job => C:\Program Files (x86)\Plus-HD-V1.5\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-11.exe <==== UWAGA Task: C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-2.job => C:\Program Files (x86)\Plus-HD-V1.5\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-2.exeA/bRXuUn /Tslqtz='Plus-HD-V1.5' /sXvLS=59562 /sXpxq='001690' /jAErLa='0' /RsOnpaMiX='0' /gZLMO=CB509E3AE97E4CB49E9B94EF52FF7179IE /eHTOvF=43bc79ed9badaca972434e940073ba96 /UvyZbFWfj=1_34_06_10 /yFIPXHM=1404068259 /QGQNPkKYM=hxxp:/stats.datagenserv.com /gxkGk=hxxp:/errors.datagenserv.com /wNQhIi=11111111-1111-1111-1111-110511951162 /MlWHEFwVW=ch /eeiRG /zTlKDOn /gWZbpO='hxxp:/update.datagenserv.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== UWAGA Task: C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-3.job => C:\Program Files (x86)\Plus-HD-V1.5\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-3.exe <==== UWAGA Task: C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-4.job => C:\Program Files (x86)\Plus-HD-V1.5\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-4.exe?/nnpqzAL /Tslqtz='Plus-HD-V1.5' /psCFJxWE C:\Program Files (x86)\Plus-HD-V1.5\59562.xpi' /sXvLS=59562 /sXpxq='001690' /jAErLa='0' /RsOnpaMiX='0' /gZLMO=CB509E3AE97E4CB49E9B94EF52FF7179IE /eHTOvF=43bc79ed9badaca972434e940073ba96 /UvyZbFWfj=1_34_06_10 /jNWHyHawn=1.34.6.10 /yFIPXHM=1404068259 /QGQNPkKYM=hxxp:/stats.datagenserv.com /gxkGk=hxxp:/errors.datagenserv.com /KHILDCqN=300 /XQgyEst=809710cc-b432-49dc-9140-7828943a0e27@84b67896-5412-4e3f-a6d3-fa7dc6e439e3.com /aiFjXgPBF=0.94 /XlPlpbW=a809710ccb43249dc91407828943a0e2784b6789654124e3fa6d3fa7dc6e439e3com59562 /hAEaKYUOo=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/59562.rdf /HASuxAmKm='Plus-HD-V1.5' /XfoJF='Turn YouTube videos to High Definition by default' /BEgWi='Plus-HD-V1.5' /MlWHEFwVW=ch /lWWiCcsy='{asw:[1, 67108929, 0]}' /zTlKDOn /ABIwhz /nzuCxSnaK /gWZbpO='hxxp:/update.datagenserv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== UWAGA Task: C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-5.job => C:\Program Files (x86)\Plus-HD-V1.5\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-5.exe?/qEVKuN /Tslqtz='Plus-HD-V1.5' /sXvLS=59562 /sXpxq='001690' /jAErLa='0' /RsOnpaMiX='0' /gZLMO=CB509E3AE97E4CB49E9B94EF52FF7179IE /eHTOvF=43bc79ed9badaca972434e940073ba96 /UvyZbFWfj=1_34_06_10 /yFIPXHM=1404068259 /QGQNPkKYM=hxxp:/stats.datagenserv.com /gxkGk=hxxp:/errors.datagenserv.com /MMAHfXhXJ=hxxp:/ipgeoapi.com/ /Lqpjr=hxxp:/update.datagenserv.com /qPTtcuuqI=2 /QCpKW=hxxp:/logs.datagenserv.com /gWZbpO='hxxp:/update.datagenserv.com/updater_agent_updates/{CAMP_ID}/update.jso <==== UWAGA Task: C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-6.job => C:\Program Files (x86)\Plus-HD-V1.5\Plus-HD-V1.5-novainstaller.exe?/lsApTW /Tslqtz='Plus-HD-V1.5' /sXvLS=59562 /sXpxq='001690' /jAErLa='0' /RsOnpaMiX='0' /gZLMO=CB509E3AE97E4CB49E9B94EF52FF7179IE /eHTOvF=43bc79ed9badaca972434e940073ba96 /UvyZbFWfj=1_34_06_10 /jNWHyHawn=1.34.6.10 /yFIPXHM=1404068259 /QGQNPkKYM=hxxp:/stats.datagenserv.com /gxkGk=hxxp:/errors.datagenserv.com /SqYoDeZx=hxxp:/js.datagenserv.com /MlWHEFwVW=ch /EkgeIU /VtDJGirtN='nova' /ZnpqwPR=hxxp:/js.clientdemocloud.com /lWWiCcsy='{asw:[1, 67108929, 0]}' /FTjVrg=task /gWZbpO='hxxp:/update.datagenserv.com/novacode/{CAMP_ID}/update.jso <==== UWAGA Task: C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-7.job => C:\Program Files (x86)\Plus-HD-V1.5\Plus-HD-V1.5-nova.exe?/Tslqtz='Plus-HD-V1.5' /sXvLS=59562 /sXpxq='001690' /jAErLa='0' /RsOnpaMiX='0' /gZLMO=CB509E3AE97E4CB49E9B94EF52FF7179IE /eHTOvF=43bc79ed9badaca972434e940073ba96 /UvyZbFWfj=1_34_06_10 /jNWHyHawn=1.34.6.10 /yFIPXHM=1404068259 /QGQNPkKYM=hxxp:/stats.datagenserv.com /gxkGk=hxxp:/errors.datagenserv.com /SqYoDeZx=hxxp:/js.datagenserv.com /MlWHEFwVW=ch /EkgeIU /VtDJGirtN='nova' /ZnpqwPR=hxxp:/js.clientdemocloud.com /lWWiCcsy='{asw:[1, 67108929, 0]}' /gWZbpO='hxxp:/update.datagenserv.com/novarun/{CAMP_ID}/update.jso <==== UWAGA Task: C:\Windows\Tasks\24seven_savings_notification_service.job => C:\Program Files (x86)\24Seven savings\24seven_savings_notification_service.exeo/url='hxxp:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='24Seven savings' /appid='73143' /srcid='2913' /bic='e614c8ba626150bfa7aa2ba86d97a1a9' /verifier='1e26a50907f0891a5fb3ced7d3553ecd' /installerversion='1.50.3.10' /statsdomain='hxxp:/stats.buildomserv.com/data.gif?' /errorsdomain='hxxp:/stats.buildomserv.com/data.gif?' /monetizationdomain='hxxp:/logs.buildomserv.com/monetization.gif <==== UWAGA Task: C:\Windows\Tasks\24seven_savings_updating_service.job => C:\Program Files (x86)\24Seven savings\24seven_savings_updating_service.exe° /campid=2913 /verid=1 /url=hxxp:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=24seven_savings_updating_service /funurl=hxxp:/stats.buildomserv.com <==== UWAGA Task: C:\Windows\Tasks\AVG-Secure-Search-Update_1114tb_rel.job => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_1114tb.exe Task: C:\Windows\Tasks\AVG-Secure-Search-Update_1114tb_rmv.job => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_1114tb.exe Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== UWAGA Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== UWAGA Task: C:\Windows\Tasks\GS_Booster-S-576482620.job => c:\programdata\trusted publisher\gs_booster\GS_Booster.exeO/schedule /profile c:\programdata\trusted publisher\gs_booster\576482620.ini <==== UWAGA Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exeF--new-window hxxp:/toolbar.avg.com/ Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== UWAGA Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== UWAGA ShortcutWithArgument: C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 <==== UWAGA ShortcutWithArgument: C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 <==== UWAGA ShortcutWithArgument: C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 <==== UWAGA ShortcutWithArgument: C:\Users\Ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 <==== UWAGA ShortcutWithArgument: C:\Users\Ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 <==== UWAGA ShortcutWithArgument: C:\Users\Ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 <==== UWAGA ShortcutWithArgument: C:\Users\Ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 <==== UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1421683141&from=wpc&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1421683141&from=wpc&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1421683141&from=wpc&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1421683141&from=wpc&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745&q={searchTerms} HKU\S-1-5-21-1225892358-4206154676-1196454770-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745&q={searchTerms} HKU\S-1-5-21-1225892358-4206154676-1196454770-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 HKU\S-1-5-21-1225892358-4206154676-1196454770-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 HKU\S-1-5-21-1225892358-4206154676-1196454770-1005\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745&q={searchTerms} SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1421683141&from=wpc&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1421683141&from=wpc&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745&q={searchTerms} SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=175&itype=n&ver=13396&tm=413&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchtheglobe.info/?l=1&q={searchTerms}&pid=724&r=2015/01/19&hid=5744862335444074133&lg=EN&cc=PL SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1421683141&from=wpc&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=175&itype=n&ver=13396&tm=413&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchtheglobe.info/?l=1&q={searchTerms}&pid=724&r=2015/01/19&hid=5744862335444074133&lg=EN&cc=PL SearchScopes: HKU\S-1-5-21-1225892358-4206154676-1196454770-1005 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-1225892358-4206154676-1196454770-1005 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={70CAECF0-3693-45EF-A69A-19F5DCC94C51}&mid=a4bcbc0c28e047d29077d16d5b34dac6-f2fca082746ea168f1557c8024f3b2cfe154ff63&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=pr&d=2014-06-23 07:21:30&v=18.8.0.179&pid=safeguard&sg=&sap=dsp&q={searchTerms} BHO: Plus-HD-V1.5 -> {11111111-1111-1111-1111-110511951162} -> C:\Program Files (x86)\Plus-HD-V1.5\Plus-HD-V1.5-bho64.dll => Brak pliku BHO: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\user\AppData\Local\Linkey\IEEXTE~1\iedll64.dll => Brak pliku BHO-x32: Plus-HD-V1.5 -> {11111111-1111-1111-1111-110511951162} -> C:\Program Files (x86)\Plus-HD-V1.5\Plus-HD-V1.5-bho.dll => Brak pliku StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1446905200&z=7b3bc11817e12f1abcfef07g1z3z7q3tfedz0tco3w&from=cornl&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 CHR HKLM\...\Chrome\Extension: [jdiejbegdjikmehflknhkbieocmnogcf] - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdiejbegdjikmehflknhkbieocmnogcf.crx [2015-11-07] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-10-11] CHR HKLM-x32\...\Chrome\Extension: [jdiejbegdjikmehflknhkbieocmnogcf] - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdiejbegdjikmehflknhkbieocmnogcf.crx [2015-11-07] StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc&ts=1449662642&z=489f3c19b21c52e71656575g9z2z9t9qeq3o4qfz1z&from=ient07021&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF091374513745 DeleteKey: HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I DeleteKey: HKCU\Software\dobreprogramy DeleteKey: HKCU\Software\Mozilla DeleteKey: HKCU\Software\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo DeleteKey: HKLM\SOFTWARE\Mozilla DeleteKey: HKLM\SOFTWARE\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla DeleteKey: HKLM\SOFTWARE\Wow6432Node\mozilla.org DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Wow6432Node\yoursites123Software C:\Program Files (x86)\Lenovo C:\Program Files (x86)\SFK C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\ProgramData\BWMiniProB C:\ProgramData\5WdM5 C:\ProgramData\OWdMO C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games\Mafia II C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops 2 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games\Need For Speed Hot Pursuit 2 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enemy Front C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREE_SOFT_TODAY C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia.eu C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEOL'14 8.0 C:\Users\Ja\AppData\Local\Lenovo C:\Users\Ja\AppData\Roaming\TSv C:\Users\Ja\AppData\Roaming\WarThunder C:\Users\Ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk C:\Windows\System32\Drivers\EsgScanner.sys C:\Windows\System32\Tasks\Lenovo C:\Windows\SysWOW64\pl.html Hosts: CMD: netsh advfirewall reset EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. IhPul => serwis pomyślnie usunięto SSFK => Usługa pomyślnie zatrzymana. SSFK => serwis pomyślnie usunięto WdMan => serwis pomyślnie usunięto EsgScanner => serwis pomyślnie usunięto EagleX64 => serwis pomyślnie usunięto xhunter1 => serwis pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe" => klucz pomyślnie usunięto "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe" => klucz pomyślnie usunięto HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Wartość nie znaleziono. HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Wartość nie znaleziono. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wartość pomyślnie usunięto C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\[ZODIAC-TORRENT]Enemy Front pl GTX BOX Team.lnk => pomyślnie przeniesiono C:\Windows\system32\GroupPolicy\Machine => pomyślnie przeniesiono C:\Windows\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono C:\Windows\SysWOW64\GroupPolicy\GPT.ini => pomyślnie przeniesiono "C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1225892358-4206154676-1196454770-1004\User" => nie znaleziono. "HKLM\SOFTWARE\Policies\Google" => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06DA7291-2C86-4190-A5F7-DEA935E8BB5A} => klucz nie znaleziono. C:\Windows\System32\Tasks\RegClean Pro_DEFAULT => nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT => klucz nie znaleziono. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1033F4D6-1EE5-4A16-8C88-58923AEC05D7}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1033F4D6-1EE5-4A16-8C88-58923AEC05D7}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-6 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-6" => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15676017-F7A5-45A1-AD74-CE78106C290B} => klucz nie znaleziono. C:\Windows\System32\Tasks\RegClean Pro => nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro => klucz nie znaleziono. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C4EC356-6268-4D74-8C82-595460A75E38}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C4EC356-6268-4D74-8C82-595460A75E38}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-3 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-3" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{26584EA1-4805-4457-9D9C-901ECE8711CD}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26584EA1-4805-4457-9D9C-901ECE8711CD}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\AVG-Secure-Search-Update_1114tb_rel => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_1114tb_rel" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2659261D-C668-4E22-A4C6-777626CA908C}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2659261D-C668-4E22-A4C6-777626CA908C}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-1 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-1" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2ABE911D-512D-4285-AADE-FD8D1126B437}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2ABE911D-512D-4285-AADE-FD8D1126B437}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program 64" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{421D7E7A-C574-4EBF-9E15-724C7B81CC76}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{421D7E7A-C574-4EBF-9E15-724C7B81CC76}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-5 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-5" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5FC657F6-7C8A-4AD6-B277-E2B59081DFE9}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FC657F6-7C8A-4AD6-B277-E2B59081DFE9}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\24seven_savings_updating_service => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\24seven_savings_updating_service" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63C9CA90-8C5E-4727-B1ED-0B7D490BD8E2}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63C9CA90-8C5E-4727-B1ED-0B7D490BD8E2}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{7B401992-80A7-496C-A00C-28922201ACE6} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7B401992-80A7-496C-A00C-28922201ACE6}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{65097CF6-A50B-4268-957A-825A03FAB30F}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65097CF6-A50B-4268-957A-825A03FAB30F}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-7 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-7" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75A3B21B-1505-4D5B-9E85-A6589282D97B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75A3B21B-1505-4D5B-9E85-A6589282D97B}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{84372649-2937-4A56-BC95-3CBBC41F3137}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84372649-2937-4A56-BC95-3CBBC41F3137}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\24seven_savings_notification_service => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\24seven_savings_notification_service" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8CB03D6E-EFA1-480A-971C-AE1F1592DBF6}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CB03D6E-EFA1-480A-971C-AE1F1592DBF6}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-4 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-4" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8DFD487F-641C-4069-AA8E-E4C86736F1C2}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DFD487F-641C-4069-AA8E-E4C86736F1C2}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-2 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-2" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9DFA9B4-3A9F-4882-9940-80C4D6129064}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9DFA9B4-3A9F-4882-9940-80C4D6129064}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{FA0E6C78-2779-4C0D-8D26-92D8C0D283D3} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FA0E6C78-2779-4C0D-8D26-92D8C0D283D3}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B5D5ABF0-2CEA-459B-AC2E-21ABDCBB1B9B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5D5ABF0-2CEA-459B-AC2E-21ABDCBB1B9B}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B617C728-DB21-4BFE-9E64-42565E032E46} => klucz nie znaleziono. C:\Windows\System32\Tasks\Open Chrome => nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Open Chrome => klucz nie znaleziono. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0D23204-06C9-44AD-9F3B-C8BF077382FF}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0D23204-06C9-44AD-9F3B-C8BF077382FF}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\AVG-Secure-Search-Update_1114tb_rmv => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_1114tb_rmv" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D2673AD9-B120-46A5-8458-04E0CD90C8D3}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2673AD9-B120-46A5-8458-04E0CD90C8D3}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-11 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-11" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D883BDC1-7888-48E5-9A96-D6B0810B6DCD}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D883BDC1-7888-48E5-9A96-D6B0810B6DCD}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{2019024D-F198-4DA7-9033-389ECD7F3641} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2019024D-F198-4DA7-9033-389ECD7F3641}" => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E03EF19D-01E3-4258-A5C4-4058894A2C43} => klucz nie znaleziono. C:\Windows\System32\Tasks\RegClean Pro_UPDATES => nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES => klucz nie znaleziono. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF9B2BA6-DF21-4BAE-AB88-276D167B8B09}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF9B2BA6-DF21-4BAE-AB88-276D167B8B09}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{60E44BFB-8202-4687-955D-1776351AFC95} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{60E44BFB-8202-4687-955D-1776351AFC95}" => klucz pomyślnie usunięto C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-1.job => pomyślnie przeniesiono C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-11.job => pomyślnie przeniesiono C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-2.job => pomyślnie przeniesiono C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-3.job => pomyślnie przeniesiono C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-4.job => pomyślnie przeniesiono C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-5.job => pomyślnie przeniesiono C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-6.job => pomyślnie przeniesiono C:\Windows\Tasks\1a865e51-8d7f-47ac-a7cc-49d250e98ec8-7.job => pomyślnie przeniesiono C:\Windows\Tasks\24seven_savings_notification_service.job => pomyślnie przeniesiono C:\Windows\Tasks\24seven_savings_updating_service.job => pomyślnie przeniesiono C:\Windows\Tasks\AVG-Secure-Search-Update_1114tb_rel.job => pomyślnie przeniesiono C:\Windows\Tasks\AVG-Secure-Search-Update_1114tb_rmv.job => pomyślnie przeniesiono C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => pomyślnie przeniesiono C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => pomyślnie przeniesiono C:\Windows\Tasks\GS_Booster-S-576482620.job => pomyślnie przeniesiono C:\Windows\Tasks\Open Chrome.job => nie znaleziono. C:\Windows\Tasks\RegClean Pro_DEFAULT.job => nie znaleziono. C:\Windows\Tasks\RegClean Pro_UPDATES.job => nie znaleziono. C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Skrót - argument pomyślnie przywrócono C:\Users\Ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk => Skrót - argument pomyślnie usunięto. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk => Skrót - argument pomyślnie usunięto. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKU\S-1-5-21-1225892358-4206154676-1196454770-1005\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-1225892358-4206154676-1196454770-1005\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-1225892358-4206154676-1196454770-1005\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKU\S-1-5-21-1225892358-4206154676-1196454770-1005\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => klucz pomyślnie usunięto HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => klucz nie znaleziono. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => klucz nie znaleziono. HKU\S-1-5-21-1225892358-4206154676-1196454770-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto "HKU\S-1-5-21-1225892358-4206154676-1196454770-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => klucz pomyślnie usunięto HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => klucz nie znaleziono. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951162}" => klucz pomyślnie usunięto "HKCR\CLSID\{11111111-1111-1111-1111-110511951162}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}" => klucz pomyślnie usunięto "HKCR\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951162}" => klucz pomyślnie usunięto "HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511951162}" => klucz pomyślnie usunięto HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono "HKLM\SOFTWARE\Google\Chrome\Extensions\jdiejbegdjikmehflknhkbieocmnogcf" => klucz pomyślnie usunięto C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdiejbegdjikmehflknhkbieocmnogcf.crx => pomyślnie przeniesiono "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => klucz pomyślnie usunięto Nie można przenieść "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Zaplanowany do przeniesienia przy restarcie. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jdiejbegdjikmehflknhkbieocmnogcf" => klucz pomyślnie usunięto "C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdiejbegdjikmehflknhkbieocmnogcf.crx" => nie znaleziono. HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Wartość pomyślnie przywrócono HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I => klucz nie znaleziono. HKCU\Software\dobreprogramy => klucz pomyślnie usunięto HKCU\Software\Mozilla => klucz nie znaleziono. HKCU\Software\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo => klucz pomyślnie usunięto HKLM\SOFTWARE\Mozilla => klucz nie znaleziono. HKLM\SOFTWARE\MozillaPlugins => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKLM\SOFTWARE\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Mozilla => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKLM\SOFTWARE\Wow6432Node\Mozilla => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\mozilla.org => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\MozillaPlugins => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKLM\SOFTWARE\Wow6432Node\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\yoursites123Software => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKLM\SOFTWARE\Wow6432Node\yoursites123Software => klucz pomyślnie usunięto C:\Program Files (x86)\Lenovo => pomyślnie przeniesiono C:\Program Files (x86)\SFK => pomyślnie przeniesiono C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => pomyślnie przeniesiono C:\ProgramData\BWMiniProB => pomyślnie przeniesiono C:\ProgramData\5WdM5 => pomyślnie przeniesiono C:\ProgramData\OWdMO => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games\Mafia II => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops 2 => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games\Need For Speed Hot Pursuit 2 => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enemy Front => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer => pomyślnie przeniesiono "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREE_SOFT_TODAY" => nie znaleziono. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia.eu => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics => pomyślnie przeniesiono "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro" => nie znaleziono. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEOL'14 8.0 => pomyślnie przeniesiono C:\Users\Ja\AppData\Local\Lenovo => pomyślnie przeniesiono C:\Users\Ja\AppData\Roaming\TSv => pomyślnie przeniesiono C:\Users\Ja\AppData\Roaming\WarThunder => pomyślnie przeniesiono C:\Users\Ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk => pomyślnie przeniesiono C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk => pomyślnie przeniesiono C:\Windows\System32\Drivers\EsgScanner.sys => pomyślnie przeniesiono C:\Windows\System32\Tasks\Lenovo => pomyślnie przeniesiono "C:\Windows\SysWOW64\pl.html" => nie znaleziono. C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono Hosts pomyślnie przywrócono. ========= netsh advfirewall reset ========= Ok. ========= Koniec CMD: ========= EmptyTemp: => 13.1 GB danych tymczasowych Usunięto. Rezultat przenoszenia plików przy restarcie (Tryb startu: Normal) (Data i godzina: 2015-12-12 17:55:46) "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Nie można przenieść ==== Koniec Fixlog 17:55:46 ====