Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:12-12-2015 01
Uruchomiony przez Przemek (2015-12-13 16:35:22) Run:1
Uruchomiony z C:\Users\Przemek\Desktop\czyszczenie
Załadowane profile: Przemek (Dostępne profile: Przemek & Administrator)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
AppInit_DLLs: C:\ProgramData\Driptax\SaoGojob.dll => C:\ProgramData\Driptax\SaoGojob.dll [883200 2015-09-28] ()
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
ShortcutWithArgument: C:\Users\Przemek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449866903&z=8030ce62766807e07efd8b6g5zfz3t7baqcq3taeeo&from=ient07021&uid=ST1000LM024XHN-M101MBB_S314J90F135569135569 <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1980786313-716170311-3172534565-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csoHODO84cNYuMHlRGWVhqRwgzZQCjI0kGkkopCuLL1p5BirDNmB9jbEzwkMR52OrwsZBdRrctS-exSyW5CAW9Po4X1HLgaray-qBEhdP2wpLBbE0ZhB5t4Yp-L2cJrSgwToJffy-8n0AA,,&q={searchTerms}
HKU\S-1-5-21-1980786313-716170311-3172534565-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csoHODO84cNYuMHlRGWVhqRwgzZQCjI0kGkkopCuLL1p5BirDNmB9jbEzwkMR52OrwsZBdRrctS-exSyW5CAW9Po4X1HLgaray-qBEhdP2wpLBbE0ZhB5t4Yp-L2cJrSgwToJffy-8n0AA,,&q={searchTerms}
HKU\S-1-5-21-1980786313-716170311-3172534565-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csoHODO84cNYuMHlRGWVhqRwgzZQCjI0kGkkopCuLL1p5BirDNmB9jbEzwkMR52OrwsZBdRrctS-exSyW5CAW9Po4X1HLgaray-qBEhdP2wpLBbE0ZhB5t4Yp-L2cJrSgwToJffy-8n0AA,,&q={searchTerms}
URLSearchHook: HKU\S-1-5-21-1980786313-716170311-3172534565-1001 - (Brak nazwy) - {4c60e5ab-5c68-4c59-abaa-885010b24b32} - Brak pliku
SearchScopes: HKU\S-1-5-21-1980786313-716170311-3172534565-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Brak nazwy -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Brak pliku
Toolbar: HKLM-x32 - Brak nazwy - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - Brak pliku
Toolbar: HKU\S-1-5-21-1980786313-716170311-3172534565-1001 -> Brak nazwy - {C66A678D-5E6C-4AF9-8F57-C6192F42CF74} - Brak pliku
FF HKU\S-1-5-21-1980786313-716170311-3172534565-1001\...\Firefox\Extensions: [{0293E99F-EEC4-37CA-8FD2-1E89B11A26CF}] - C:\Program Files (x86)\ver5SpeeditUp\189.xpi => nie znaleziono
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe
S1 {41dd6130-8c97-47b1-a0d4-6ee31608c702}Gw64; system32\drivers\{41dd6130-8c97-47b1-a0d4-6ee31608c702}Gw64.sys [X]
S1 {5a175d0d-5539-4e73-8563-80c93aa35313}Gw64; system32\drivers\{5a175d0d-5539-4e73-8563-80c93aa35313}Gw64.sys [X]
S1 {712c470d-11c2-4e3b-b30b-b9606cb36aed}Gw64; system32\drivers\{712c470d-11c2-4e3b-b30b-b9606cb36aed}Gw64.sys [X]
S1 {75afa305-1b32-4464-a5e2-f606c80b73a4}Gw64; system32\drivers\{75afa305-1b32-4464-a5e2-f606c80b73a4}Gw64.sys [X]
S1 {770f8173-dbeb-406e-bb39-f5f1a22362d8}Gw64; system32\drivers\{770f8173-dbeb-406e-bb39-f5f1a22362d8}Gw64.sys [X]
S1 {b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}Gw64; system32\drivers\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}Gw64.sys [X]
S1 {b6f164a0-5e01-4c08-b4af-72276812d17d}Gw64; system32\drivers\{b6f164a0-5e01-4c08-b4af-72276812d17d}Gw64.sys [X]
S1 {da0b130f-7ef7-4a5c-97ff-4239bbc3502d}Gw64; system32\drivers\{da0b130f-7ef7-4a5c-97ff-4239bbc3502d}Gw64.sys [X]
S1 {e8294a7e-8442-4f3a-8722-cb5c3f67ed67}Gw64; system32\drivers\{e8294a7e-8442-4f3a-8722-cb5c3f67ed67}Gw64.sys [X]
S1 {fa03420d-05ef-4826-9373-bf3c8734921f}Gw64; system32\drivers\{fa03420d-05ef-4826-9373-bf3c8734921f}Gw64.sys [X]
S1 {fd74c1d1-1ac3-43f9-8336-32679dc7de45}Gw64; system32\drivers\{fd74c1d1-1ac3-43f9-8336-32679dc7de45}Gw64.sys [X]
Task: {18B6F418-7635-4D89-B044-433AC306A810} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
Task: {23F0D79D-84C0-4564-B325-62EA73FC18EF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
Task: {2A5D01D5-2D85-468B-93C7-DCE68B8317EF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
Task: {4E04D3CF-230C-47A6-B386-A26D4C3C0ACE} - System32\Tasks\{49720866-9BFB-406A-8E56-D00C70BDEA56} => pcalua.exe -a "C:\Program Files (x86)\Common Files\VillaSaotech\uninstall.exe" -c -f "C:\Program Files (x86)\Common Files\VillaSaotech\uninstall.dat" -a uninstallme 95961693-4B77-4840-AF17-6D7F2EB5C103 DeviceId=97e2cf90-80c7-e724-e482-601e24451464 BarcodeId=50028003 ChannelId=3 DistributerName=APSFIsc
Task: {6A0D5A7C-CB4A-4E97-AE17-107A84C9432F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
Task: {6E1D43F6-FE4B-4BA0-BF4F-39799455000F} - System32\Tasks\Rush Image => Rundll32.exe "C:\Users\Przemek\AppData\Local\Rush Image\Bin\RushImage.dll",#3 <==== UWAGA
Task: {73A75CAF-D682-4E77-B96E-303084F9D4B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Task: {768B4EA4-5B76-439D-8D73-CC5BAF33F774} - \PCDoctorBackgroundMonitorTask -> Brak pliku <==== UWAGA
Task: {8712ADB4-7155-4737-B2C4-F7F8B2CA3A1D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
Task: {89D7DF49-6CFE-4C29-AB85-35696E4518F5} - System32\Tasks\aeUB8660hRr => C:\Users\Przemek\AppData\Roaming\aeUB8660hRr.exe <==== UWAGA
Task: {8A780407-C5A0-40E2-960A-DA8823A0DAA9} - System32\Tasks\{EFBB6034-8087-47CD-8272-93DD24C25BCF} => pcalua.exe -a "C:\Program Files (x86)\360\Total Security\Uninstall.exe"
Task: {8CABE4A8-A30B-438D-BF8E-355521F75C93} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
Task: {A36AB3D4-0C76-447F-84E1-94B3138E19EC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {BBECFAA3-9FFF-4662-B2B7-EA834F71BA82} - System32\Tasks\6CEEEvaNHqz3OyRv => C:\Users\Przemek\AppData\Roaming\6CEEEvaNHqz3OyRv.exe <==== UWAGA
Task: {BE2AE13A-8166-4285-9ADA-FB21E85653B4} - \SystemToolsDailyTest -> Brak pliku <==== UWAGA
Task: {D0887662-2314-48FF-98A2-35FF654231B3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
Task: {EE6E006B-FD3F-4C39-99D1-81F90327C4B8} - \PCDEventLauncherTask -> Brak pliku <==== UWAGA
Task: {EF98FEE3-E118-4CA7-AA7A-0926C9127FED} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
Task: {F216AAD1-B817-4CF5-B2B6-BBD46E758724} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {FA1B5348-E269-4C1F-ACFA-1E0792A42C6B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
Task: C:\WINDOWS\Tasks\6CEEEvaNHqz3OyRv.job => C:\Users\Przemek\AppData\Roaming\6CEEEvaNHqz3OyRv.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\aeUB8660hRr.job => C:\Users\Przemek\AppData\Roaming\aeUB8660hRr.exe <==== UWAGA
DeleteKey: HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
DeleteKey: HKCU\Software\dobreprogramy
DeleteKey: HKCU\Software\instalki.pl
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo
DeleteKey: HKLM\SOFTWARE\Wow6432Node\yoursites123Software
Reg: reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy" /v ProtectedHomepages /f
Reg: reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy" /v ProtectedSearchScopes /f
Reg: reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OpenSearch" /f
Reg: reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.yoursites123.com" /f
Reg: reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\yoursites123.com" /f
Reg: reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.yoursites123.com" /f
Reg: reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\yoursites123.com" /f
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v BTMTrayAgent /f
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v HotKeysCmds /f
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "FromDocToPDF EPM Support" /f
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "FromDocToPDF AppIntegrator 64-bit" /f
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "FromDocToPDF AppIntegrator 32-bit" /f
RemoveDirectory: C:\$360Section
RemoveDirectory: C:\AdwCleaner
RemoveDirectory: C:\Program Files (x86)\Google
RemoveDirectory: C:\Program Files (x86)\Lenovo
RemoveDirectory: C:\Program Files (x86)\Mozilla Firefox\browser\defaults
RemoveDirectory: C:\Program Files (x86)\Opera
RemoveDirectory: C:\ProgramData\360Quarant
RemoveDirectory: C:\ProgramData\Driptax
RemoveDirectory: C:\ProgramData\Driptaxs
RemoveDirectory: C:\Users\Administrator\AppData\Local\FromDocToPDF_65
RemoveDirectory: C:\Users\Administrator\AppData\LocalLow\FromDocToPDF_65
RemoveDirectory: C:\Users\Przemek\AppData\Local\Google
RemoveDirectory: C:\Users\Przemek\AppData\Local\Lenovo
RemoveDirectory: C:\Users\Przemek\AppData\Local\Rush Image
RemoveDirectory: C:\Users\Przemek\AppData\Local\Opera Software
RemoveDirectory: C:\Users\Przemek\AppData\Roaming\Opera Software
RemoveDirectory: C:\Users\Przemek\Downloads\SpyHunter Security Suite v3.12.31 [ENG] [Crack]
RemoveDirectory: C:\Users\Przemek\REACHit
RemoveDirectory: C:\WINDOWS\System32\Tasks\Lenovo
C:\ProgramData\*.log
C:\Users\Przemek\AppData\Roaming\6CEEEvaNHqz3OyRv
C:\Users\Przemek\AppData\Roaming\aeUB8660hRr
C:\Users\Przemek\Downloads\*-dp*.exe
C:\Users\Przemek\Documents\*Downloader*
C:\Users\Przemek\Downloads\*INSTALKI.pl*.exe
C:\Users\Przemek\Downloads\*sciagnij*.exe
C:\Users\Przemek\Downloads\G6hwiz0QXsE&hl=de_DE&fs=1&rel=0&color1=0x006699&color2=0x54abd6&autoplay=0.swf
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
"C:\ProgramData\Driptax\SaoGojob.dll" => Dane wartości pomyślnie usunięto.
C:\WINDOWS\system32\GroupPolicy\Machine => pomyślnie przeniesiono
C:\WINDOWS\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
"HKLM\SOFTWARE\Policies\Google" => klucz pomyślnie usunięto
C:\Users\Przemek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Skrót - argument pomyślnie usunięto.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1980786313-716170311-3172534565-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1980786313-716170311-3172534565-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => Wartość pomyślnie usunięto
HKU\S-1-5-21-1980786313-716170311-3172534565-1001\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => Wartość pomyślnie usunięto
HKU\S-1-5-21-1980786313-716170311-3172534565-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4c60e5ab-5c68-4c59-abaa-885010b24b32} => Wartość pomyślnie usunięto
HKU\S-1-5-21-1980786313-716170311-3172534565-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B69F34DD-F0F9-42DC-9EDD-957187DA688D}" => klucz pomyślnie usunięto
HKCR\Wow6432Node\CLSID\{B69F34DD-F0F9-42DC-9EDD-957187DA688D} => klucz nie znaleziono. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} => Wartość pomyślnie usunięto
HKCR\Wow6432Node\CLSID\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} => klucz nie znaleziono. 
HKU\S-1-5-21-1980786313-716170311-3172534565-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74} => Wartość pomyślnie usunięto
HKCR\CLSID\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74} => klucz nie znaleziono. 
HKU\S-1-5-21-1980786313-716170311-3172534565-1001\Software\Mozilla\Firefox\Extensions\\{0293E99F-EEC4-37CA-8FD2-1E89B11A26CF} => Wartość nie znaleziono.
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono
{41dd6130-8c97-47b1-a0d4-6ee31608c702}Gw64 => serwis pomyślnie usunięto
{5a175d0d-5539-4e73-8563-80c93aa35313}Gw64 => serwis pomyślnie usunięto
{712c470d-11c2-4e3b-b30b-b9606cb36aed}Gw64 => serwis pomyślnie usunięto
{75afa305-1b32-4464-a5e2-f606c80b73a4}Gw64 => serwis pomyślnie usunięto
{770f8173-dbeb-406e-bb39-f5f1a22362d8}Gw64 => serwis pomyślnie usunięto
{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}Gw64 => serwis pomyślnie usunięto
{b6f164a0-5e01-4c08-b4af-72276812d17d}Gw64 => serwis pomyślnie usunięto
{da0b130f-7ef7-4a5c-97ff-4239bbc3502d}Gw64 => serwis pomyślnie usunięto
{e8294a7e-8442-4f3a-8722-cb5c3f67ed67}Gw64 => serwis pomyślnie usunięto
{fa03420d-05ef-4826-9373-bf3c8734921f}Gw64 => serwis pomyślnie usunięto
{fd74c1d1-1ac3-43f9-8336-32679dc7de45}Gw64 => serwis pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18B6F418-7635-4D89-B044-433AC306A810}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18B6F418-7635-4D89-B044-433AC306A810}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23F0D79D-84C0-4564-B325-62EA73FC18EF}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23F0D79D-84C0-4564-B325-62EA73FC18EF}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A5D01D5-2D85-468B-93C7-DCE68B8317EF}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A5D01D5-2D85-468B-93C7-DCE68B8317EF}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E04D3CF-230C-47A6-B386-A26D4C3C0ACE}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E04D3CF-230C-47A6-B386-A26D4C3C0ACE}" => klucz pomyślnie usunięto
C:\WINDOWS\System32\Tasks\{49720866-9BFB-406A-8E56-D00C70BDEA56} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{49720866-9BFB-406A-8E56-D00C70BDEA56}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A0D5A7C-CB4A-4E97-AE17-107A84C9432F}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A0D5A7C-CB4A-4E97-AE17-107A84C9432F}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6E1D43F6-FE4B-4BA0-BF4F-39799455000F}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E1D43F6-FE4B-4BA0-BF4F-39799455000F}" => klucz pomyślnie usunięto
C:\WINDOWS\System32\Tasks\Rush Image => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Rush Image" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73A75CAF-D682-4E77-B96E-303084F9D4B3}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73A75CAF-D682-4E77-B96E-303084F9D4B3}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{768B4EA4-5B76-439D-8D73-CC5BAF33F774}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{768B4EA4-5B76-439D-8D73-CC5BAF33F774}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8712ADB4-7155-4737-B2C4-F7F8B2CA3A1D}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8712ADB4-7155-4737-B2C4-F7F8B2CA3A1D}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{89D7DF49-6CFE-4C29-AB85-35696E4518F5}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89D7DF49-6CFE-4C29-AB85-35696E4518F5}" => klucz pomyślnie usunięto
C:\WINDOWS\System32\Tasks\aeUB8660hRr => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\aeUB8660hRr" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A780407-C5A0-40E2-960A-DA8823A0DAA9}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A780407-C5A0-40E2-960A-DA8823A0DAA9}" => klucz pomyślnie usunięto
C:\WINDOWS\System32\Tasks\{EFBB6034-8087-47CD-8272-93DD24C25BCF} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EFBB6034-8087-47CD-8272-93DD24C25BCF}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CABE4A8-A30B-438D-BF8E-355521F75C93}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CABE4A8-A30B-438D-BF8E-355521F75C93}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A36AB3D4-0C76-447F-84E1-94B3138E19EC}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A36AB3D4-0C76-447F-84E1-94B3138E19EC}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BBECFAA3-9FFF-4662-B2B7-EA834F71BA82}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BBECFAA3-9FFF-4662-B2B7-EA834F71BA82}" => klucz pomyślnie usunięto
C:\WINDOWS\System32\Tasks\6CEEEvaNHqz3OyRv => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\6CEEEvaNHqz3OyRv" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE2AE13A-8166-4285-9ADA-FB21E85653B4}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE2AE13A-8166-4285-9ADA-FB21E85653B4}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemToolsDailyTest" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0887662-2314-48FF-98A2-35FF654231B3}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0887662-2314-48FF-98A2-35FF654231B3}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE6E006B-FD3F-4C39-99D1-81F90327C4B8}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE6E006B-FD3F-4C39-99D1-81F90327C4B8}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncherTask" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF98FEE3-E118-4CA7-AA7A-0926C9127FED}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF98FEE3-E118-4CA7-AA7A-0926C9127FED}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F216AAD1-B817-4CF5-B2B6-BBD46E758724}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F216AAD1-B817-4CF5-B2B6-BBD46E758724}" => klucz pomyślnie usunięto
C:\WINDOWS\System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program 64" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA1B5348-E269-4C1F-ACFA-1E0792A42C6B}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA1B5348-E269-4C1F-ACFA-1E0792A42C6B}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => klucz pomyślnie usunięto
C:\WINDOWS\Tasks\6CEEEvaNHqz3OyRv.job => pomyślnie przeniesiono
C:\WINDOWS\Tasks\aeUB8660hRr.job => pomyślnie przeniesiono
HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I => klucz pomyślnie usunięto
HKCU\Software\dobreprogramy => klucz pomyślnie usunięto
HKCU\Software\instalki.pl => klucz nie znaleziono. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo => klucz pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\yoursites123Software => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię.
HKLM\SOFTWARE\Wow6432Node\yoursites123Software => klucz pomyślnie usunięto

========= reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy" /v ProtectedHomepages /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy" /v ProtectedSearchScopes /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OpenSearch" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.yoursites123.com" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\yoursites123.com" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.yoursites123.com" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\yoursites123.com" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v BTMTrayAgent /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v HotKeysCmds /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "FromDocToPDF EPM Support" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "FromDocToPDF AppIntegrator 64-bit" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "FromDocToPDF AppIntegrator 32-bit" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========

"C:\$360Section" => pomyślnie usunięto.
"C:\AdwCleaner" => pomyślnie usunięto.
"C:\Program Files (x86)\Google" => pomyślnie usunięto.
"C:\Program Files (x86)\Lenovo" => nie znaleziono.
"C:\Program Files (x86)\Mozilla Firefox\browser\defaults" => pomyślnie usunięto.
"C:\Program Files (x86)\Opera" => pomyślnie usunięto.
"C:\ProgramData\360Quarant" => pomyślnie usunięto.
"C:\ProgramData\Driptax" => pomyślnie usunięto.
"C:\ProgramData\Driptaxs" => pomyślnie usunięto.
"C:\Users\Administrator\AppData\Local\FromDocToPDF_65" => pomyślnie usunięto.
"C:\Users\Administrator\AppData\LocalLow\FromDocToPDF_65" => pomyślnie usunięto.
"C:\Users\Przemek\AppData\Local\Google" => pomyślnie usunięto.
"C:\Users\Przemek\AppData\Local\Lenovo" => pomyślnie usunięto.
"C:\Users\Przemek\AppData\Local\Rush Image" => pomyślnie usunięto.
"C:\Users\Przemek\AppData\Local\Opera Software" => pomyślnie usunięto.
"C:\Users\Przemek\AppData\Roaming\Opera Software" => pomyślnie usunięto.
"C:\Users\Przemek\Downloads\SpyHunter Security Suite v3.12.31 [ENG] [Crack]" => pomyślnie usunięto.
"C:\Users\Przemek\REACHit" => pomyślnie usunięto.
"C:\WINDOWS\System32\Tasks\Lenovo" => pomyślnie usunięto.

=========== "C:\ProgramData\*.log" ==========

C:\ProgramData\Temp.log => pomyślnie przeniesiono
C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log => pomyślnie przeniesiono
C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log => pomyślnie przeniesiono
C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log => pomyślnie przeniesiono
C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log => pomyślnie przeniesiono
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log => pomyślnie przeniesiono

========= Koniec -> "C:\ProgramData\*.log" ========

C:\Users\Przemek\AppData\Roaming\6CEEEvaNHqz3OyRv => pomyślnie przeniesiono
C:\Users\Przemek\AppData\Roaming\aeUB8660hRr => pomyślnie przeniesiono

=========== "C:\Users\Przemek\Downloads\*-dp*.exe" ==========

C:\Users\Przemek\Downloads\7Zip-12559-dp.exe => pomyślnie przeniesiono
C:\Users\Przemek\Downloads\Adobe-Flash-Player-13091-dp.exe => pomyślnie przeniesiono
C:\Users\Przemek\Downloads\DAEMON-Tools-Lite-12708-dp.exe => pomyślnie przeniesiono
C:\Users\Przemek\Downloads\ISO-Workshop-23534-dp.exe => pomyślnie przeniesiono

========= Koniec -> "C:\Users\Przemek\Downloads\*-dp*.exe" ========


=========== "C:\Users\Przemek\Documents\*Downloader*" ==========

C:\Users\Przemek\Documents\FIFA 16 PC Game Downloader.exe => pomyślnie przeniesiono

========= Koniec -> "C:\Users\Przemek\Documents\*Downloader*" ========


=========== "C:\Users\Przemek\Downloads\*INSTALKI.pl*.exe" ==========

C:\Users\Przemek\Downloads\DAEMON_Tools_Lite_v10.1_www.INSTALKI.pl.exe => pomyślnie przeniesiono

========= Koniec -> "C:\Users\Przemek\Downloads\*INSTALKI.pl*.exe" ========


=========== "C:\Users\Przemek\Downloads\*sciagnij*.exe" ==========

C:\Users\Przemek\Downloads\installer_AdBlock_dla_Chrome_sciagnij.exe => pomyślnie przeniesiono

========= Koniec -> "C:\Users\Przemek\Downloads\*sciagnij*.exe" ========

C:\Users\Przemek\Downloads\G6hwiz0QXsE&hl=de_DE&fs=1&rel=0&color1=0x006699&color2=0x54abd6&autoplay=0.swf => pomyślnie przeniesiono
EmptyTemp: => 51.6 MB danych tymczasowych Usunięto.


System wymagał restartu.

==== Koniec  Fixlog 16:36:52 ====