Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 30-09-2016 Uruchomiony przez Kuba i Michał (01-10-2016 11:39:42) Run:1 Uruchomiony z C:\Users\Kuba i Michał\Desktop Załadowane profile: Kuba i Michał (Dostępne profile: Kuba i Michał & Kuba & Michał & DefaultAppPool) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: GroupPolicy: Ograniczenia <======= UWAGA Startup: C:\Users\Kuba i Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\einfo.exe [2016-09-28] () CustomCLSID: HKU\S-1-5-21-2670859206-3087183214-2171256421-1000_Classes\CLSID\{41B89628-3BF9-D1E3-385B-EC1E477BD28F}\InprocServer32 -> C:\Users\Kuba i Michał\AppData\Roaming\.minecraft\saves\Nowy świat\playerdata\a00bb2dd-3847-3b06-85a5-bdf0c869b306.txt () CustomCLSID: HKU\S-1-5-21-2670859206-3087183214-2171256421-1000_Classes\CLSID\{9C77117E-049E-1C48-2950-AB001B022A89}\InprocServer32 -> C:\Users\Kuba i Michał\AppData\Roaming\.minecraft\saves\Nowy świat-\data\Mineshaft.inf () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [Brak pliku] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Brak pliku] Task: {01B82FEB-2FEA-4FDB-A1FE-01A926B06B66} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA Task: {07CE7B31-C7C1-43B4-B482-0AA05F953FDD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {1134E9A8-8395-401C-B872-202A5894F173} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {143DA133-667F-4AAD-8C93-7FC742D6731A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {17A9195F-C078-48A7-AE95-916B24C41AF3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {1AA648AD-D8CF-4759-8400-3B042AA8C0C1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {1D6A95B1-CEEC-4DA8-A1C8-D1F2E2DB04E7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {24A522B9-26BA-4E94-B918-1810F2274D3D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {41A84CA8-E449-4BCA-B816-F18C62F256EA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {44A89FCF-8DF1-45B7-ACFB-1E33FF61F8F0} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {44E790EF-4BA6-4C30-B738-C5F5C2083B66} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA Task: {487A6CE3-1B91-4364-A961-3044C6EB39A8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {53F3150E-44D5-4D61-8F0B-3B69317295D2} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {56375E71-59CE-4F87-93CC-A96F1524607F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {61ECBEC7-7149-47B7-9E29-EC31ADE8B256} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {6489B22C-8840-4016-B8C3-FD979BC60FCF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {69FCE008-65E2-4702-B071-6880EBF38A3B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA Task: {6A0C031B-EFE5-4451-B80B-FA1B4701AC0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {6B77198A-B7C1-4CA3-8E13-EE3E855691BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {7D67E329-0850-4D81-8B54-AE9C13FCF306} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {85533619-3A11-4D9C-BEBB-E7E6641C830D} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {8A5F7929-44F2-424F-AD21-2FB17101DCD2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {8C57B184-E0AC-47B1-A8B2-68C0DB6FF468} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {97043218-AA71-478C-95A3-21B323980277} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {9E18ED44-5AC6-42D6-AAD6-E38D1AE0EB06} - System32\Tasks\{539563CC-23A7-404B-BAE5-E9D5491D82A4} => pcalua.exe -a "D:\Program Files (x86)\Deluxe Ski Jump 4\Setup.exe" -d "D:\Program Files (x86)\Deluxe Ski Jump 4" Task: {A8420187-73E0-420F-A947-E552CF4FF391} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {AC3F17C5-5D79-458B-ADAD-5FB9C2C3C237} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {BAE9E25D-401A-4A58-9F2A-B76ED5F04221} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {BE639ED8-6B8A-450C-8F83-2B9C4ABEFFD3} - System32\Tasks\{AC7EEBDE-C856-4D68-B400-9E09F7FE87D4} => pcalua.exe -a "C:\Users\Kuba i Michał\Downloads\ME(v9.5.15.1730_1.5M)\setup.exe" -d "C:\Users\Kuba i Michał\Downloads\ME(v9.5.15.1730_1.5M)" Task: {D002887D-A383-4099-A7FB-61BC80E2D625} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {D35A1C42-F74D-44BA-8444-BDC9B98B0383} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {D9A832D0-AAE4-4F83-B6E4-4A8636D05AF4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {DAFD5D86-200A-4817-A8FD-BC115B4E86CD} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {DC56DAA5-BC1C-4846-AA96-CDC6C7FF7D3B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe Task: {DEDE361C-067B-4786-A542-9C0C552BC85B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {E58830CB-6465-47E7-B74F-15B2C30A7259} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {E87A98B3-F18D-4475-8675-342E7CEA4A28} - System32\Tasks\{2F64E152-E0AD-41F3-857F-9861B8B0D51D} => pcalua.exe -a "C:\Program Files (x86)\DS3_service\ScpService.exe" -d "C:\Program Files (x86)\DS3_service" Task: {F7AC6972-47A9-42D8-B4FB-DD7168A4FCCD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {F9E8EA9C-8D60-4255-9A31-5BB1B5B36871} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe Task: {FD879963-45A1-4658-9161-DEEF0DAB432B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe DeleteKey: HKCU\Software\Google\Chrome\Extensions DeleteKey: HKCU\Software\Mozilla\Firefox\Extensions DeleteKey: HKCU\Software\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center HKU\S-1-5-21-2670859206-3087183214-2171256421-1000\...\StartupApproved\Run: => "AceStream" R3 gkernel; C:\Users\Kuba i Michał\AppData\Local\Temp\gkernel.sys [44544 2016-09-28] () [Brak podpisu cyfrowego] U3 idsvc; Brak ImagePath U3 wpcsvc; Brak ImagePath CMD: netsh advfirewall reset CMD: type C:\ProgramData\uid.txt C:\ProgramData\uid.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft C:\Users\Kuba\Desktop\Fallout 4.lnk C:\Users\Kuba i Michał\AppData\Roaming\uid.txt C:\Users\Kuba i Michał\AppData\Roaming\.minecraft\saves\Nowy świat\playerdata\a00bb2dd-3847-3b06-85a5-bdf0c869b306.txt C:\Users\Kuba i Michał\AppData\Roaming\.minecraft\saves\Nowy świat-\data\Mineshaft.inf C:\Users\Kuba i Michał\Desktop\decryptor.exe C:\Users\Kuba i Michał\Desktop\uid.txt C:\Users\Kuba i Michał\Desktop\Battlefield 4.lnk C:\Users\Kuba i Michał\Documents\decryptor.exe C:\Users\Kuba i Michał\Documents\uid.txt C:\Windows\ehome C:\Windows\System32\Tasks\Microsoft\Windows\Media Center EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. C:\WINDOWS\system32\GroupPolicy\Machine => pomyślnie przeniesiono C:\WINDOWS\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => pomyślnie przeniesiono C:\Users\Kuba i Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\einfo.exe => nie znaleziono. "HKU\S-1-5-21-2670859206-3087183214-2171256421-1000_Classes\CLSID\{41B89628-3BF9-D1E3-385B-EC1E477BD28F}" => klucz pomyślnie usunięto "HKU\S-1-5-21-2670859206-3087183214-2171256421-1000_Classes\CLSID\{9C77117E-049E-1C48-2950-AB001B022A89}" => klucz pomyślnie usunięto "HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5" => klucz pomyślnie usunięto "HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01B82FEB-2FEA-4FDB-A1FE-01A926B06B66}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01B82FEB-2FEA-4FDB-A1FE-01A926B06B66}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{07CE7B31-C7C1-43B4-B482-0AA05F953FDD}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07CE7B31-C7C1-43B4-B482-0AA05F953FDD}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1134E9A8-8395-401C-B872-202A5894F173}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1134E9A8-8395-401C-B872-202A5894F173}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{143DA133-667F-4AAD-8C93-7FC742D6731A}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{143DA133-667F-4AAD-8C93-7FC742D6731A}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17A9195F-C078-48A7-AE95-916B24C41AF3}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17A9195F-C078-48A7-AE95-916B24C41AF3}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AA648AD-D8CF-4759-8400-3B042AA8C0C1}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AA648AD-D8CF-4759-8400-3B042AA8C0C1}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D6A95B1-CEEC-4DA8-A1C8-D1F2E2DB04E7}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D6A95B1-CEEC-4DA8-A1C8-D1F2E2DB04E7}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24A522B9-26BA-4E94-B918-1810F2274D3D}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24A522B9-26BA-4E94-B918-1810F2274D3D}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41A84CA8-E449-4BCA-B816-F18C62F256EA}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41A84CA8-E449-4BCA-B816-F18C62F256EA}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44A89FCF-8DF1-45B7-ACFB-1E33FF61F8F0}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44A89FCF-8DF1-45B7-ACFB-1E33FF61F8F0}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44E790EF-4BA6-4C30-B738-C5F5C2083B66}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44E790EF-4BA6-4C30-B738-C5F5C2083B66}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{487A6CE3-1B91-4364-A961-3044C6EB39A8}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{487A6CE3-1B91-4364-A961-3044C6EB39A8}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53F3150E-44D5-4D61-8F0B-3B69317295D2}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53F3150E-44D5-4D61-8F0B-3B69317295D2}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56375E71-59CE-4F87-93CC-A96F1524607F}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56375E71-59CE-4F87-93CC-A96F1524607F}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61ECBEC7-7149-47B7-9E29-EC31ADE8B256}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61ECBEC7-7149-47B7-9E29-EC31ADE8B256}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6489B22C-8840-4016-B8C3-FD979BC60FCF}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6489B22C-8840-4016-B8C3-FD979BC60FCF}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69FCE008-65E2-4702-B071-6880EBF38A3B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69FCE008-65E2-4702-B071-6880EBF38A3B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A0C031B-EFE5-4451-B80B-FA1B4701AC0B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A0C031B-EFE5-4451-B80B-FA1B4701AC0B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B77198A-B7C1-4CA3-8E13-EE3E855691BE}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B77198A-B7C1-4CA3-8E13-EE3E855691BE}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D67E329-0850-4D81-8B54-AE9C13FCF306}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D67E329-0850-4D81-8B54-AE9C13FCF306}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85533619-3A11-4D9C-BEBB-E7E6641C830D}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85533619-3A11-4D9C-BEBB-E7E6641C830D}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A5F7929-44F2-424F-AD21-2FB17101DCD2}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A5F7929-44F2-424F-AD21-2FB17101DCD2}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C57B184-E0AC-47B1-A8B2-68C0DB6FF468}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C57B184-E0AC-47B1-A8B2-68C0DB6FF468}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97043218-AA71-478C-95A3-21B323980277}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97043218-AA71-478C-95A3-21B323980277}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E18ED44-5AC6-42D6-AAD6-E38D1AE0EB06}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E18ED44-5AC6-42D6-AAD6-E38D1AE0EB06}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\{539563CC-23A7-404B-BAE5-E9D5491D82A4} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{539563CC-23A7-404B-BAE5-E9D5491D82A4}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8420187-73E0-420F-A947-E552CF4FF391}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8420187-73E0-420F-A947-E552CF4FF391}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC3F17C5-5D79-458B-ADAD-5FB9C2C3C237}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC3F17C5-5D79-458B-ADAD-5FB9C2C3C237}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAE9E25D-401A-4A58-9F2A-B76ED5F04221}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAE9E25D-401A-4A58-9F2A-B76ED5F04221}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE639ED8-6B8A-450C-8F83-2B9C4ABEFFD3}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE639ED8-6B8A-450C-8F83-2B9C4ABEFFD3}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\{AC7EEBDE-C856-4D68-B400-9E09F7FE87D4} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AC7EEBDE-C856-4D68-B400-9E09F7FE87D4}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D002887D-A383-4099-A7FB-61BC80E2D625}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D002887D-A383-4099-A7FB-61BC80E2D625}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D35A1C42-F74D-44BA-8444-BDC9B98B0383}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D35A1C42-F74D-44BA-8444-BDC9B98B0383}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D9A832D0-AAE4-4F83-B6E4-4A8636D05AF4}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9A832D0-AAE4-4F83-B6E4-4A8636D05AF4}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAFD5D86-200A-4817-A8FD-BC115B4E86CD}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAFD5D86-200A-4817-A8FD-BC115B4E86CD}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DC56DAA5-BC1C-4846-AA96-CDC6C7FF7D3B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC56DAA5-BC1C-4846-AA96-CDC6C7FF7D3B}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentLogOn" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEDE361C-067B-4786-A542-9C0C552BC85B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEDE361C-067B-4786-A542-9C0C552BC85B}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E58830CB-6465-47E7-B74F-15B2C30A7259}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E58830CB-6465-47E7-B74F-15B2C30A7259}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E87A98B3-F18D-4475-8675-342E7CEA4A28}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E87A98B3-F18D-4475-8675-342E7CEA4A28}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\{2F64E152-E0AD-41F3-857F-9861B8B0D51D} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2F64E152-E0AD-41F3-857F-9861B8B0D51D}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7AC6972-47A9-42D8-B4FB-DD7168A4FCCD}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7AC6972-47A9-42D8-B4FB-DD7168A4FCCD}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F9E8EA9C-8D60-4255-9A31-5BB1B5B36871}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9E8EA9C-8D60-4255-9A31-5BB1B5B36871}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentFallBack" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD879963-45A1-4658-9161-DEEF0DAB432B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD879963-45A1-4658-9161-DEEF0DAB432B}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => klucz pomyślnie usunięto HKCU\Software\Google\Chrome\Extensions => klucz pomyślnie usunięto HKCU\Software\Mozilla\Firefox\Extensions => klucz pomyślnie usunięto HKCU\Software\MozillaPlugins => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKCU\Software\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center => klucz pomyślnie usunięto HKU\S-1-5-21-2670859206-3087183214-2171256421-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AceStream => Wartość pomyślnie usunięto HKU\S-1-5-21-2670859206-3087183214-2171256421-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AceStream => Wartość nie znaleziono. gkernel => Nie można zatrzymać usługi. gkernel => serwis pomyślnie usunięto idsvc => serwis pomyślnie usunięto wpcsvc => serwis pomyślnie usunięto ========= netsh advfirewall reset ========= Ok. ========= Koniec CMD: ========= ========= type C:\ProgramData\uid.txt ========= Your UID: U1CYTPRSN7 ========= Koniec CMD: ========= C:\ProgramData\uid.txt => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft => pomyślnie przeniesiono C:\Users\Kuba\Desktop\Fallout 4.lnk => pomyślnie przeniesiono C:\Users\Kuba i Michał\AppData\Roaming\uid.txt => pomyślnie przeniesiono C:\Users\Kuba i Michał\AppData\Roaming\.minecraft\saves\Nowy świat\playerdata\a00bb2dd-3847-3b06-85a5-bdf0c869b306.txt => pomyślnie przeniesiono C:\Users\Kuba i Michał\AppData\Roaming\.minecraft\saves\Nowy świat-\data\Mineshaft.inf => pomyślnie przeniesiono C:\Users\Kuba i Michał\Desktop\decryptor.exe => pomyślnie przeniesiono C:\Users\Kuba i Michał\Desktop\uid.txt => pomyślnie przeniesiono C:\Users\Kuba i Michał\Desktop\Battlefield 4.lnk => pomyślnie przeniesiono C:\Users\Kuba i Michał\Documents\decryptor.exe => pomyślnie przeniesiono C:\Users\Kuba i Michał\Documents\uid.txt => pomyślnie przeniesiono C:\Windows\ehome => pomyślnie przeniesiono C:\Windows\System32\Tasks\Microsoft\Windows\Media Center => pomyślnie przeniesiono =========== EmptyTemp: ========== BITS transfer queue => 1120853 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40288477 B Java, Flash, Steam htmlcache => 6751 B Windows/system/drivers => 50174619 B Edge => 2302615 B Chrome => 126566964 B Firefox => 364534439 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 128 B LocalService => 1984664 B NetworkService => 6712 B Kuba i Michał => 79332387 B Kuba => 57902513 B Michał => 34202 B DefaultAppPool => 0 B RecycleBin => 0 B EmptyTemp: => 690.7 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 11:40:27 ====