Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:14-12-2015 Uruchomiony przez Dj Tedex Studio (2015-12-14 22:19:46) Run:2 Uruchomiony z C:\Users\Dj Tedex Studio\Desktop ZaÅ‚adowane profile: Dj Tedex Studio (DostÄ™pne profile: Dj Tedex Studio) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: R1 {3c836676-f0ac-4921-b55a-03cfbf37b751}Gw64; C:\Windows\System32\drivers\{3c836676-f0ac-4921-b55a-03cfbf37b751}Gw64.sys [48784 2015-12-14] (StdLib) GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Far Cry 4\Play Far Cry 4.lnk -> C:\Program Files (x86)\R.G. Mechanics\Far Cry 4\bin\Launcher.exe () -> hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449824410&z=99b8814b78ab49c954bbf57gfz4zetdbcodz0wfc7w&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer\Play Euro Truck Simulator 2 Multiplayer.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer\launcher.exe (ETS2MP Team) -> hxxp://www.omniboxes.com/?type=sc&ts=1449068806&z=87dfdda7c4feb5523185062g2zez0t8eeqbb1tfo1c&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Build and Shoot\Build and Shoot Launcher.lnk -> C:\Program Files (x86)\Build and Shoot\Launcher.exe (Buld Then Snip, LLC) -> hxxp://www.yoursites123.com/?type=sc&ts=1449824410&z=99b8814b78ab49c954bbf57gfz4zetdbcodz0wfc7w&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games\Mafia II\Mafia II Launcher.lnk -> C:\Program Files (x86)\2K Games\Mafia II\launcher.exe () -> hxxp://www.yoursites123.com/?type=sc&ts=1449824410&z=99b8814b78ab49c954bbf57gfz4zetdbcodz0wfc7w&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Dj Tedex Studio\Desktop\Build and Shoot Launcher.lnk -> C:\Program Files (x86)\Build and Shoot\Launcher.exe (Buld Then Snip, LLC) -> hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Dj Tedex Studio\Desktop\Launcher GTA 5.lnk -> C:\Program Files (x86)\Grand.Theft.Auto.V.Full.Unlocked.PL\Launcher.exe () -> hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Program uruchamiajÄ…cy aplikacje Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Vysor (Beta) (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Vysor (Beta).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.omniboxes.com/?type=sc&ts=1447153778&z=db35596b99f362ac8b52790g0z9z4m3g9wbcfbem9o&from=wpm07163&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449824410&z=99b8814b78ab49c954bbf57gfz4zetdbcodz0wfc7w&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449824410&z=99b8814b78ab49c954bbf57gfz4zetdbcodz0wfc7w&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 ShortcutWithArgument: C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer\launcher.exe (ETS2MP Team) -> hxxp://www.omniboxes.com/?type=sc&ts=1449068806&z=87dfdda7c4feb5523185062g2zez0t8eeqbb1tfo1c&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4&q={searchTerms} HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449824410&z=99b8814b78ab49c954bbf57gfz4zetdbcodz0wfc7w&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4&q={searchTerms} HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1447153778&z=db35596b99f362ac8b52790g0z9z4m3g9wbcfbem9o&from=wpm07163&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1447153778&z=db35596b99f362ac8b52790g0z9z4m3g9wbcfbem9o&from=wpm07163&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449824410&z=99b8814b78ab49c954bbf57gfz4zetdbcodz0wfc7w&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4&q={searchTerms} SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449824410&z=99b8814b78ab49c954bbf57gfz4zetdbcodz0wfc7w&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449824410&z=99b8814b78ab49c954bbf57gfz4zetdbcodz0wfc7w&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope - brak wartoÅ›ci SearchScopes: HKU\S-1-5-21-2930414122-1855830695-2752083529-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-2930414122-1855830695-2752083529-1000 -> {14CBE3D7-E6F2-42cb-B35B-4601B9C19C73} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms} SearchScopes: HKU\S-1-5-21-2930414122-1855830695-2752083529-1000 -> {4F921B95-F030-46e5-9987-6B55CE38B167} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV StartMenuInternet: IEXPLORE.EXE - iexplore.exe FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} FF HKLM-x32\...\Firefox\Extensions: [{d9284e50-81fc-11da-a72b-0800200c9a66}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Dj Tedex Studio\AppData\Roaming\Mozilla\Firefox\Profiles\yxzu8or9.default\extensions\shortcutff@gmail.com FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Dj Tedex Studio\AppData\Roaming\Mozilla\Firefox\Profiles\yxzu8or9.default\extensions\detgdp@gmail.com FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Dj Tedex Studio\AppData\Roaming\Mozilla\Firefox\Profiles\yxzu8or9.default\extensions\defsearchp@gmail.com FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Dj Tedex Studio\AppData\Roaming\Mozilla\Firefox\Profiles\yxzu8or9.default\extensions\deskCutv2@gmail.com => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\Dj Tedex Studio\AppData\Roaming\Mozilla\Firefox\Profiles\yxzu8or9.default\extensions\default_newtabff@gmail.com FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Dj Tedex Studio\AppData\Roaming\Mozilla\Firefox\Profiles\yxzu8or9.default\extensions\yahooprotected@gmail.com StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Dj Tedex Studio\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2015-01-02] CHR HKLM-x32\...\Chrome\Extension: [ainbkicbloikcngphmjfpjdemblcojdd] - C:\Users\Dj Tedex Studio\AppData\Local\Google\Chrome\User Data\Default\Extensions\slidebar.crx [2014-06-12] CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-08-13] CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Dj Tedex Studio\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2015-01-02] CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Dj Tedex Studio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-06-12] StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.yoursites123.com/?type=sc&ts=1449826924&z=0bcd5caf318c7322035a778gezdzdtfb3obm7e8w1g&from=ient07021&uid=ST31000524AS_6VPBM7P4XXXX6VPBM7P4 HKLM-x32\...\Run: [STCAgent] => "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\...\Run: [AdobeBridge] => [X] Task: {130D1301-96A3-4D17-A528-8092523B4987} - System32\Tasks\{C00D2CFA-EE97-4361-8ADB-EB19ECB8E45E} => pcalua.exe -a "C:\Users\Dj Tedex Studio\Downloads\Firefox Setup 21.0.exe" -d "C:\Users\Dj Tedex Studio\Downloads" Task: {37EA448C-A1C0-437A-9AE5-409736CDF502} - System32\Tasks\{2C207403-6223-4676-9E36-568B578F57DA} => pcalua.exe -a D:\10\setup_farming_simulator_2013_titanium_addon_v10.exe -d D:\10 Task: {682521E1-A6D5-4AC5-A2C3-D5DA0AC81F76} - \DealPlyUpdate -> Brak pliku <==== UWAGA Task: {7CDB358D-2735-4A47-A295-545E59E4659F} - \DealPly -> Brak pliku <==== UWAGA Task: {D0366878-223E-4BDA-96FB-B4CF4977C571} - System32\Tasks\{6C03D594-89EA-4BBA-B6E4-388707CB7D70} => pcalua.exe -a E:\SilentHunter4_NSS.exe -d E:\ Task: {E40101CE-9789-4296-AA75-21E32D846FF1} - System32\Tasks\FoxTab => C:\Users\DJTEDE~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== UWAGA Task: C:\Windows\Tasks\FoxTab.job => C:\Users\DJTEDE~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== UWAGA Task: C:\Windows\Tasks\Opera N Saturday.job => C:\Program Files (x86)\Opera\launcher.exe Task: C:\Windows\Tasks\Opera N Sunday.job => C:\Program Files (x86)\Opera\launcher.exe Task: C:\Windows\Tasks\Opera N.job => C:\Program Files (x86)\Opera\launcher.exe Task: C:\Windows\Tasks\Opera scheduled Autoupdate 1435572889.job => C:\Program Files (x86)\Opera\launcher.exe Task: C:\Windows\Tasks\Software Removal Tool logs upload retry.job => C:\Users\Dj Tedex Studio\AppData\Local\Temp\C1D6.exe <==== UWAGA S4 aswSP; Brak ImagePath S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X] S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X] S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X] S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] DeleteKey: HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I DeleteKey: HKCU\Software\dobreprogramy DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 DeleteKey: HKLM\SOFTWARE\Wow6432Node\yoursites123Software RemoveDirectory: C:\Program Files (x86)\McAfee Security Scan RemoveDirectory: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins RemoveDirectory: C:\Program Files (x86)\SFK RemoveDirectory: C:\ProgramData\Temp RemoveDirectory: C:\Users\Dj Tedex Studio\AppData\Roaming\Mozilla\plugins RemoveDirectory: C:\Users\Dj Tedex Studio\Desktop\FRST-OlderVersion C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\Users\Dj\servers.dat C:\Users\Dj Tedex Studio\AppData\Local\ACCCx2_4_1_351.zip.aamdownload C:\Users\Dj Tedex Studio\AppData\Local\ACCCx2_4_1_351.zip.aamdownload.aamd C:\Users\Dj Tedex Studio\AppData\Local\Google\Chrome\User Data\Default\Web Data C:\Users\Dj Tedex Studio\AppData\Roaming\Uninstal.exe C:\Windows\system32\cwlog.dtl C:\Windows\system32\hale.exe C:\Windows\System32\sslsp105.dll C:\Windows\System32\drivers\{3c836676-f0ac-4921-b55a-03cfbf37b751}Gw64.sys C:\Windows\SysWOW64\pl.html C:\Windows\SysWOW64\sslsp105.dll CMD: netsh advfirewall reset CMD: netsh winsock reset CMD: type C:\Windows\System32\Tasks\SidebarExecute File: C:\Windows\system32\winlogon.exe Hosts: EmptyTemp: ***************** Procesy zostaÅ‚y pomyÅ›lnie zamkniÄ™te. Punkt przywracania zostaÅ‚ pomyÅ›lnie utworzony. {3c836676-f0ac-4921-b55a-03cfbf37b751}Gw64 => UsÅ‚uga pomyÅ›lnie zatrzymana. {3c836676-f0ac-4921-b55a-03cfbf37b751}Gw64 => serwis pomyÅ›lnie usuniÄ™to C:\Windows\system32\GroupPolicy\Machine => pomyÅ›lnie przeniesiono C:\Windows\system32\GroupPolicy\GPT.ini => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Policies\Google" => klucz pomyÅ›lnie usuniÄ™to C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Far Cry 4\Play Far Cry 4.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer\Play Euro Truck Simulator 2 Multiplayer.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Build and Shoot\Build and Shoot Launcher.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games\Mafia II\Mafia II Launcher.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Dj Tedex Studio\Desktop\Build and Shoot Launcher.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Dj Tedex Studio\Desktop\Launcher GTA 5.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Program uruchamiajÄ…cy aplikacje Chrome.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Vysor (Beta) (1).lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Vysor (Beta).lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Skrót - argument pomyÅ›lnie przywrócono C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Dj Tedex Studio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Public\Desktop\Google Chrome.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk => Skrót - argument pomyÅ›lnie usuniÄ™to. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyÅ›lnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyÅ›lnie przywrócono HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyÅ›lnie przywrócono HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyÅ›lnie przywrócono HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyÅ›lnie przywrócono HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyÅ›lnie przywrócono HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyÅ›lnie przywrócono "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyÅ›lnie usuniÄ™to HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyÅ›lnie przywrócono HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyÅ›lnie usuniÄ™to "HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{14CBE3D7-E6F2-42cb-B35B-4601B9C19C73}" => klucz pomyÅ›lnie usuniÄ™to HKCR\CLSID\{14CBE3D7-E6F2-42cb-B35B-4601B9C19C73} => klucz nie znaleziono. "HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4F921B95-F030-46e5-9987-6B55CE38B167}" => klucz pomyÅ›lnie usuniÄ™to HKCR\CLSID\{4F921B95-F030-46e5-9987-6B55CE38B167} => klucz nie znaleziono. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Wartość pomyÅ›lnie przywrócono HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} => Wartość nie znaleziono. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} => Wartość nie znaleziono. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66} => Wartość nie znaleziono. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\shortcutff@gmail.com => Wartość pomyÅ›lnie usuniÄ™to HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\detgdp@gmail.com => Wartość pomyÅ›lnie usuniÄ™to HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\defsearchp@gmail.com => Wartość pomyÅ›lnie usuniÄ™to HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\deskCutv2@gmail.com => Wartość pomyÅ›lnie usuniÄ™to HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\default_newtabff@gmail.com => Wartość pomyÅ›lnie usuniÄ™to HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\yahooprotected@gmail.com => Wartość pomyÅ›lnie usuniÄ™to HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Wartość pomyÅ›lnie przywrócono "HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh" => klucz pomyÅ›lnie usuniÄ™to C:\Users\Dj Tedex Studio\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ainbkicbloikcngphmjfpjdemblcojdd" => klucz pomyÅ›lnie usuniÄ™to C:\Users\Dj Tedex Studio\AppData\Local\Google\Chrome\User Data\Default\Extensions\slidebar.crx => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj" => klucz pomyÅ›lnie usuniÄ™to C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh" => klucz pomyÅ›lnie usuniÄ™to "C:\Users\Dj Tedex Studio\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx" => nie znaleziono. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo" => klucz pomyÅ›lnie usuniÄ™to C:\Users\Dj Tedex Studio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx => pomyÅ›lnie przeniesiono HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Wartość pomyÅ›lnie przywrócono HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command\\Default => Wartość pomyÅ›lnie przywrócono HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\STCAgent => Wartość pomyÅ›lnie usuniÄ™to HKU\S-1-5-21-2930414122-1855830695-2752083529-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Wartość pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{130D1301-96A3-4D17-A528-8092523B4987}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{130D1301-96A3-4D17-A528-8092523B4987}" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\System32\Tasks\{C00D2CFA-EE97-4361-8ADB-EB19ECB8E45E} => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C00D2CFA-EE97-4361-8ADB-EB19ECB8E45E}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37EA448C-A1C0-437A-9AE5-409736CDF502}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37EA448C-A1C0-437A-9AE5-409736CDF502}" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\System32\Tasks\{2C207403-6223-4676-9E36-568B578F57DA} => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2C207403-6223-4676-9E36-568B578F57DA}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{682521E1-A6D5-4AC5-A2C3-D5DA0AC81F76}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{682521E1-A6D5-4AC5-A2C3-D5DA0AC81F76}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CDB358D-2735-4A47-A295-545E59E4659F}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CDB358D-2735-4A47-A295-545E59E4659F}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0366878-223E-4BDA-96FB-B4CF4977C571}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0366878-223E-4BDA-96FB-B4CF4977C571}" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\System32\Tasks\{6C03D594-89EA-4BBA-B6E4-388707CB7D70} => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6C03D594-89EA-4BBA-B6E4-388707CB7D70}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E40101CE-9789-4296-AA75-21E32D846FF1}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E40101CE-9789-4296-AA75-21E32D846FF1}" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\System32\Tasks\FoxTab => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FoxTab" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\Tasks\FoxTab.job => pomyÅ›lnie przeniesiono C:\Windows\Tasks\Opera N Saturday.job => pomyÅ›lnie przeniesiono C:\Windows\Tasks\Opera N Sunday.job => pomyÅ›lnie przeniesiono C:\Windows\Tasks\Opera N.job => pomyÅ›lnie przeniesiono C:\Windows\Tasks\Opera scheduled Autoupdate 1435572889.job => pomyÅ›lnie przeniesiono C:\Windows\Tasks\Software Removal Tool logs upload retry.job => pomyÅ›lnie przeniesiono aswSP => serwis pomyÅ›lnie usuniÄ™to AndnetBus => serwis pomyÅ›lnie usuniÄ™to AndNetDiag => serwis pomyÅ›lnie usuniÄ™to ANDNetModem => serwis pomyÅ›lnie usuniÄ™to andnetndis => serwis pomyÅ›lnie usuniÄ™to FairplayKD => serwis pomyÅ›lnie usuniÄ™to VBoxNetFlt => serwis pomyÅ›lnie usuniÄ™to xhunter1 => serwis pomyÅ›lnie usuniÄ™to HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I => klucz pomyÅ›lnie usuniÄ™to HKCU\Software\dobreprogramy => klucz pomyÅ›lnie usuniÄ™to HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 => niepowodzenie przy usuwaniu w pierwszym podejÅ›ciu (ErrorCode: C0000121), zobacz kolejnÄ… liniÄ™. HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 => klucz pomyÅ›lnie usuniÄ™to HKLM\SOFTWARE\Wow6432Node\yoursites123Software => niepowodzenie przy usuwaniu w pierwszym podejÅ›ciu (ErrorCode: C0000121), zobacz kolejnÄ… liniÄ™. HKLM\SOFTWARE\Wow6432Node\yoursites123Software => klucz pomyÅ›lnie usuniÄ™to "C:\Program Files (x86)\McAfee Security Scan" => pomyÅ›lnie usuniÄ™to. "C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins" => pomyÅ›lnie usuniÄ™to. "C:\Program Files (x86)\SFK" => pomyÅ›lnie usuniÄ™to. "C:\ProgramData\Temp" => pomyÅ›lnie usuniÄ™to. "C:\Users\Dj Tedex Studio\AppData\Roaming\Mozilla\plugins" => pomyÅ›lnie usuniÄ™to. "C:\Users\Dj Tedex Studio\Desktop\FRST-OlderVersion" => pomyÅ›lnie usuniÄ™to. C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => pomyÅ›lnie przeniesiono C:\Users\Dj\servers.dat => pomyÅ›lnie przeniesiono C:\Users\Dj Tedex Studio\AppData\Local\ACCCx2_4_1_351.zip.aamdownload => pomyÅ›lnie przeniesiono C:\Users\Dj Tedex Studio\AppData\Local\ACCCx2_4_1_351.zip.aamdownload.aamd => pomyÅ›lnie przeniesiono C:\Users\Dj Tedex Studio\AppData\Local\Google\Chrome\User Data\Default\Web Data => pomyÅ›lnie przeniesiono C:\Users\Dj Tedex Studio\AppData\Roaming\Uninstal.exe => pomyÅ›lnie przeniesiono C:\Windows\system32\cwlog.dtl => pomyÅ›lnie przeniesiono C:\Windows\system32\hale.exe => pomyÅ›lnie przeniesiono C:\Windows\System32\sslsp105.dll => pomyÅ›lnie przeniesiono C:\Windows\System32\drivers\{3c836676-f0ac-4921-b55a-03cfbf37b751}Gw64.sys => pomyÅ›lnie przeniesiono C:\Windows\SysWOW64\pl.html => pomyÅ›lnie przeniesiono C:\Windows\SysWOW64\sslsp105.dll => pomyÅ›lnie przeniesiono ========= netsh advfirewall reset ========= Ok. ========= Koniec CMD: ========= ========= netsh winsock reset ========= Pomy˜lnie zresetowano Winsock Catalog. Musisz ponownie uruchomi† komputer, aby ukoäczy† resetowanie. ========= Koniec CMD: ========= ========= type C:\Windows\System32\Tasks\SidebarExecute ========= true IgnoreNew true true true false false PT10M PT1H true false true true false false false true false PT72H 7 C:\Program Files (x86)\Windows Sidebar\sidebar.exe S-1-5-32-545 LeastPrivilege ========= Koniec CMD: ========= ========================= File: C:\Windows\system32\winlogon.exe ======================== Brak podpisu cyfrowego MD5: 87A00ED70FEC36D0DD968E5058C29AA1 Data utworzenia i modyfikacji: 2013-05-22 05:46 - 2015-12-14 19:27 Rozmiar: 0389632 Atrybuty: ----A Firma: Microsoft Corporation WewnÄ™trzna nazwa: winlogon Oryginalna nazwa: WINLOGON.EXE.MUI Produkt: System operacyjny Microsoft® Windows® Opis: Aplikacja logowania systemu Windows Plik Wersja: 6.1.7601.17514 (win7sp1_rtm.101119-1850) Produkt Wersja: 6.1.7601.17514 Prawa autorskie: © Microsoft Corporation. Wszelkie prawa zastrzeżone. ====== Koniec File: ====== C:\Windows\System32\Drivers\etc\hosts => pomyÅ›lnie przeniesiono Hosts pomyÅ›lnie przywrócono. EmptyTemp: => 696.9 MB danych tymczasowych UsuniÄ™to. System wymagaÅ‚ restartu. ==== Koniec Fixlog 22:20:22 ====