Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 22-01-2017 Uruchomiony przez KubaDamaszk (22-01-2017 17:21:37) Run:7 Uruchomiony z C:\Users\KubaDamaszk\Documents\programy adware Załadowane profile: KubaDamaszk (Dostępne profile: KubaDamaszk & Administrator & Gość) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: RemoveDirectory: C:\Program Files (x86)\Fishhas HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-499711634-606110142-1186871544-1001\...\CurrentVersion\Windows: [Run] C:\Users\KubaDamaszk\AppData\Roaming\datasyst\sys.exe <===== UWAGA HKLM\...\Providers\grjsiaw4: C:\Program Files (x86)\Qazlegakepy Schedule\local64spl.dll [292352 2017-01-18] () C:\Program Files (x86)\Qazlegakepy Schedule ShellExecuteHooks: Brak nazwy - {CE1B435E-DB95-11E6-9921-64006A5CFC23} - -> Brak pliku HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT&q={searchTerms} HKU\S-1-5-21-499711634-606110142-1186871544-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYvGouH7veb0_qfADU3xjqZiIVgJ9tCTY1fjxjYpwsDksYinMPko3dSN4GPEH-y0jmxohLcYiHlInZ8NQu7eC8f7LWkJzhRH_sILV2BEYVJgq2NvYohvVfBs-1y_38K3pA1j2alTEmqEkcjCMJSkL7R-WZG8Q,,&q={searchTerms} HKU\S-1-5-21-499711634-606110142-1186871544-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT HKU\S-1-5-21-499711634-606110142-1186871544-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT&q={searchTerms} SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYvGouH7veb0_qfADU3xjqZiIVgJ9tCTY1fjxjYpwsDksYinMPko3dSN4GPEH-y0jmxohLcYiHlInZ8NQu7eC8f7LWkJzhRH_sILV2BEYVJgq2NvYohvVfBs-1y_38K3pA1j2alTEmqEkcjCMJSkL7R-WZG8Q,,&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484819910&z=679e23553294506efb1dd24gfz2b3zdb3g5t9t6g3g&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT&q={searchTerms} SearchScopes: HKU\S-1-5-21-499711634-606110142-1186871544-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484905529&z=004fa85502041a5ebd0df3cg4z9b3z1t2e8w6w1c7e&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT&q={searchTerms} SearchScopes: HKU\S-1-5-21-499711634-606110142-1186871544-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484905529&z=004fa85502041a5ebd0df3cg4z9b3z1t2e8w6w1c7e&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT&q={searchTerms} SearchScopes: HKU\S-1-5-21-499711634-606110142-1186871544-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-499711634-606110142-1186871544-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYvGouH7veb0_qfADU3xjqZiIVgJ9tCTY1fjxjYpwsDksYinMPko3dSN4GPEH-y0jmxohLcYiHlInZ8NQu7eC8f7LWkJzhRH_sILV2BEYVJgq2NvYohvVfBs-1y_38K3pA1j2alTEmqEkcjCMJSkL7R-WZG8Q,,&q={searchTerms} R3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [583680 2017-01-19] () [Brak podpisu cyfrowego] <==== UWAGA R2 Prijik; C:\Program Files (x86)\Foteingjokiy\Srhcloud.dll [138752 2017-01-18] () [Brak podpisu cyfrowego] R2 WinSAPSvc; C:\ProgramData\WinSAPSvc\WinSAP.dll [485376 2017-01-20] () [Brak podpisu cyfrowego] S2 ed2kidle; "C:\Program Files (x86)\amuleC2\ed2k.exe" -downloadwhenidle [X] R2 OperaFootballManager; C:\Program Files (x86)\Opera\OperaFootballManager.dll [224256 2017-01-18] () [Brak podpisu cyfrowego] R2 GubedZL; C:\Program Files (x86)\Gubed\GubedZL.dll [124416 2017-01-19] () [Brak podpisu cyfrowego] R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [100352 2017-01-19] () [Brak podpisu cyfrowego] S4 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [982016 2017-01-18] () [Brak podpisu cyfrowego] C:\ProgramData\\CloudPrinter C:\Program Files (x86)\Firefox C:\Program Files (x86)\Gubed C:\Program Files (x86)\Opera C:\Program Files (x86)\Foteingjokiy C:\ProgramData\WinSAPSvc C:\Program Files (x86)\amuleC2 S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X] S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X] S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_cdcecm; \SystemRoot\system32\DRIVERS\ew_jucdcecm.sys [X] S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X] S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] S3 ZTEusbnet; \SystemRoot\system32\DRIVERS\ZTEusbnet.sys [X] S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X] 2017-01-18 02:12 - 2017-01-18 02:12 - 7316480 _____ () C:\Users\KubaDamaszk\AppData\Roaming\agent.dat 2017-01-18 02:12 - 2017-01-18 02:12 - 0054272 _____ () C:\Users\KubaDamaszk\AppData\Roaming\ApplicationHosting.dat 2017-01-18 02:12 - 2017-01-18 02:12 - 0070752 _____ () C:\Users\KubaDamaszk\AppData\Roaming\Config.xml 2017-01-18 02:11 - 2017-01-18 02:11 - 0016560 _____ () C:\Users\KubaDamaszk\AppData\Roaming\InstallationConfiguration.xml 2017-01-18 02:11 - 2017-01-18 02:11 - 0140288 _____ () C:\Users\KubaDamaszk\AppData\Roaming\Installer.dat 2017-01-18 02:12 - 2017-01-18 02:11 - 0982016 _____ () C:\Users\KubaDamaszk\AppData\Roaming\Jaytax.exe 2017-01-18 02:12 - 2017-01-18 02:12 - 0072787 _____ () C:\Users\KubaDamaszk\AppData\Roaming\Jaytax.tst 2017-01-18 02:12 - 2017-01-18 02:12 - 0126464 _____ () C:\Users\KubaDamaszk\AppData\Roaming\lobby.dat 2017-01-18 02:12 - 2017-01-18 02:12 - 0018432 _____ () C:\Users\KubaDamaszk\AppData\Roaming\Main.dat 2017-01-18 02:12 - 2017-01-18 02:12 - 0005568 _____ () C:\Users\KubaDamaszk\AppData\Roaming\md.xml 2017-01-18 02:12 - 2017-01-18 02:12 - 0126464 _____ () C:\Users\KubaDamaszk\AppData\Roaming\noah.dat 2017-01-18 02:12 - 2017-01-18 02:12 - 1938531 _____ () C:\Users\KubaDamaszk\AppData\Roaming\OntoStrong.bin 2017-01-18 02:12 - 2017-01-18 02:11 - 0982016 _____ () C:\Users\KubaDamaszk\AppData\Roaming\Stringfan.exe 2017-01-18 02:12 - 2017-01-18 02:12 - 1907662 _____ () C:\Users\KubaDamaszk\AppData\Roaming\Stringfan.tst 2017-01-18 02:12 - 2017-01-18 02:12 - 0032038 _____ () C:\Users\KubaDamaszk\AppData\Roaming\uninstall_temp.ico C:\Users\KubaDamaszk\dzavwkzx.exe C:\Users\KubaDamaszk\oklghvki.exe HKU\S-1-5-21-499711634-606110142-1186871544-1001\...\ChromeHTML: -> C:\Program Files (x86)\Fishhas\Application\chrome.exe (Google Inc.) <==== UWAGA Task: {EFDCDEFF-4C3B-40ED-B143-C30C81476994} - System32\Tasks\SteamClient => C:\Users\KubaDamaszk\AppData\Roaming\Steam\SteamHelper.exe [2015-10-09] (Valve Corporation) <==== UWAGA ShortcutWithArgument: C:\Users\KubaDamaszk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.amisites.com/?type=sc&ts=1484905529&z=004fa85502041a5ebd0df3cg4z9b3z1t2e8w6w1c7e&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT ShortcutWithArgument: C:\Users\KubaDamaszk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Fishhas\Application\chrome.exe (Google Inc.) -> hxxp://www.amisites.com/?type=sc&ts=1484905529&z=004fa85502041a5ebd0df3cg4z9b3z1t2e8w6w1c7e&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT ShortcutWithArgument: C:\Users\KubaDamaszk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3373c9ebc3a5e445\Chromium.lnk -> C:\Program Files (x86)\SuperBird\superbird.exe (The Superbird Authors) -> --profile-directory=Default ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://www.amisites.com/?type=sc&ts=1484905529&z=004fa85502041a5ebd0df3cg4z9b3z1t2e8w6w1c7e&from=che0812&uid=TOSHIBAXMQ01ABF050_Z3LTC8BPTXXZ3LTC8BPT HKU\S-1-5-21-499711634-606110142-1186871544-1001\Software\Classes\regfile: regedit.exe "%1" <===== UWAGA DeleteKey: HKCU\Software\Mozilla DeleteKey: HKCU\Software\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Mozilla DeleteKey: HKLM\SOFTWARE\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla DeleteKey: HKLM\SOFTWARE\Wow6432Node\mozilla.org DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins C:\Users\KubaDamaszk\AppData\Local\Mozilla C:\Users\KubaDamaszk\AppData\Roaming\Mozilla C:\Users\KubaDamaszk\AppData\Roaming\Profiles Reg: reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes /s Reg: reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winmgmt /s Reg: reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE /s Reg: reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc /s Reg: reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mpsdrv /s EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Błąd: (0) Nie udało się utworzyć punktu przywracania. "C:\Program Files (x86)\Fishhas" => pomyślnie usunięto. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => Wartość pomyślnie usunięto HKU\S-1-5-21-499711634-606110142-1186871544-1001\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Run => Wartość pomyślnie usunięto HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\grjsiaw4 => klucz pomyślnie usunięto HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order grjsiaw4 => pomyślnie usunięto C:\Program Files (x86)\Qazlegakepy Schedule => pomyślnie przeniesiono HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{CE1B435E-DB95-11E6-9921-64006A5CFC23} => Wartość pomyślnie usunięto HKCR\CLSID\{CE1B435E-DB95-11E6-9921-64006A5CFC23} => klucz nie znaleziono. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKU\S-1-5-21-499711634-606110142-1186871544-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-499711634-606110142-1186871544-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-499711634-606110142-1186871544-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz pomyślnie usunięto HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\ielnksrch => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKU\S-1-5-21-499711634-606110142-1186871544-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto HKU\S-1-5-21-499711634-606110142-1186871544-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz pomyślnie usunięto HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKU\S-1-5-21-499711634-606110142-1186871544-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => klucz pomyślnie usunięto HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => klucz nie znaleziono. HKU\S-1-5-21-499711634-606110142-1186871544-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} => klucz pomyślnie usunięto HKCR\CLSID\{ielnksrch} => klucz nie znaleziono. HKLM\System\CurrentControlSet\Services\iThemes5 => klucz pomyślnie usunięto iThemes5 => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\Themes\\DependOnService => Wartość pomyślnie usunięto HKLM\System\CurrentControlSet\Services\Prijik => klucz pomyślnie usunięto Prijik => serwis pomyślnie usunięto WinSAPSvc => Nie można zatrzymać usługi. HKLM\System\CurrentControlSet\Services\WinSAPSvc => klucz pomyślnie usunięto WinSAPSvc => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\ed2kidle => klucz pomyślnie usunięto ed2kidle => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\OperaFootballManager => klucz pomyślnie usunięto OperaFootballManager => serwis pomyślnie usunięto GubedZL => Nie można zatrzymać usługi. HKLM\System\CurrentControlSet\Services\GubedZL => klucz pomyślnie usunięto GubedZL => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\FirefoxU => klucz pomyślnie usunięto FirefoxU => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\CloudPrinter => klucz pomyślnie usunięto CloudPrinter => serwis pomyślnie usunięto C:\ProgramData\\CloudPrinter => pomyślnie przeniesiono C:\Program Files (x86)\Firefox => pomyślnie przeniesiono C:\Program Files (x86)\Gubed => pomyślnie przeniesiono C:\Program Files (x86)\Opera => pomyślnie przeniesiono C:\Program Files (x86)\Foteingjokiy => pomyślnie przeniesiono "C:\ProgramData\WinSAPSvc" folder - przenoszenie: Nie można przenieść "C:\ProgramData\WinSAPSvc" => Zaplanowany do przeniesienia przy restarcie. "C:\Program Files (x86)\amuleC2" => nie znaleziono. HKLM\System\CurrentControlSet\Services\ew_hwusbdev => klucz pomyślnie usunięto ew_hwusbdev => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\ew_usbenumfilter => klucz pomyślnie usunięto ew_usbenumfilter => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\huawei_cdcacm => klucz pomyślnie usunięto huawei_cdcacm => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\huawei_cdcecm => klucz pomyślnie usunięto huawei_cdcecm => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\huawei_enumerator => klucz pomyślnie usunięto huawei_enumerator => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\huawei_ext_ctrl => klucz pomyślnie usunięto huawei_ext_ctrl => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\massfilter => klucz pomyślnie usunięto massfilter => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\ZTEusbnet => klucz pomyślnie usunięto ZTEusbnet => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\ZTEusbnmea => klucz pomyślnie usunięto ZTEusbnmea => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\ZTEusbser6k => klucz pomyślnie usunięto ZTEusbser6k => serwis pomyślnie usunięto C:\Users\KubaDamaszk\AppData\Roaming\agent.dat => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\ApplicationHosting.dat => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\Config.xml => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\InstallationConfiguration.xml => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\Installer.dat => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\Jaytax.exe => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\Jaytax.tst => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\lobby.dat => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\Main.dat => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\md.xml => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\noah.dat => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\OntoStrong.bin => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\Stringfan.exe => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\Stringfan.tst => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\uninstall_temp.ico => pomyślnie przeniesiono C:\Users\KubaDamaszk\dzavwkzx.exe => pomyślnie przeniesiono C:\Users\KubaDamaszk\oklghvki.exe => pomyślnie przeniesiono HKU\S-1-5-21-499711634-606110142-1186871544-1001_Classes\ChromeHTML => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFDCDEFF-4C3B-40ED-B143-C30C81476994} => klucz nie znaleziono. C:\Windows\System32\Tasks\SteamClient => pomyślnie przeniesiono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SteamClient => klucz pomyślnie usunięto C:\Users\KubaDamaszk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto. C:\Users\KubaDamaszk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Skrót - argument pomyślnie usunięto. C:\Users\KubaDamaszk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3373c9ebc3a5e445\Chromium.lnk => Skrót - argument pomyślnie usunięto. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto. HKU\S-1-5-21-499711634-606110142-1186871544-1001\Software\Classes\regfile => klucz pomyślnie usunięto HKCU\Software\Mozilla => klucz pomyślnie usunięto HKCU\Software\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Mozilla => klucz pomyślnie usunięto HKLM\SOFTWARE\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Mozilla => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\mozilla.org => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\MozillaPlugins => klucz pomyślnie usunięto C:\Users\KubaDamaszk\AppData\Local\Mozilla => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\Mozilla => pomyślnie przeniesiono C:\Users\KubaDamaszk\AppData\Roaming\Profiles => pomyślnie przeniesiono ========= reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes /s ========= HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes Start REG_DWORD 0x2 DisplayName REG_SZ @%SystemRoot%\System32\themeservice.dll,-8192 ErrorControl REG_DWORD 0x1 Group REG_SZ ProfSvc_Group ImagePath REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs Type REG_DWORD 0x20 Description REG_SZ @%SystemRoot%\System32\themeservice.dll,-8193 ObjectName REG_SZ LocalSystem RequiredPrivileges REG_MULTI_SZ SeAssignPrimaryTokenPrivilege\0SeDebugPrivilege\0SeImpersonatePrivilege FailureActions REG_BINARY 80510100000000000000000003000000140000000100000060EA00000100000060EA00000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes\Parameters ServiceDllUnloadOnStop REG_DWORD 0x1 ServiceMain REG_SZ ThemeServiceMain ServiceDll REG_EXPAND_SZ %SystemRoot%\system32\themeservice.dll ========= Koniec Reg: ========= ========= reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winmgmt /s ========= HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winmgmt DisplayName REG_SZ @%Systemroot%\system32\wbem\wmisvc.dll,-205 ErrorControl REG_DWORD 0x0 ImagePath REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs Start REG_DWORD 0x2 Type REG_DWORD 0x20 Description REG_SZ @%Systemroot%\system32\wbem\wmisvc.dll,-204 DependOnService REG_MULTI_SZ RPCSS ObjectName REG_SZ localSystem ServiceSidType REG_DWORD 0x1 FailureActions REG_BINARY 805101000000000000000000030000001400000001000000C0D4010001000000E09304000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winmgmt\Parameters ServiceDllUnloadOnStop REG_DWORD 0x1 ServiceMain REG_SZ ServiceMain ServiceDll REG_EXPAND_SZ %SystemRoot%\system32\wbem\WMIsvc.dll ========= Koniec Reg: ========= ========= reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE /s ========= HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE DisplayName REG_SZ @%SystemRoot%\system32\bfe.dll,-1001 ErrorControl REG_DWORD 0x1 Group REG_SZ NetworkProvider ImagePath REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork Start REG_DWORD 0x2 Type REG_DWORD 0x20 Description REG_SZ @%SystemRoot%\system32\bfe.dll,-1002 DependOnService REG_MULTI_SZ RpcSs\0WfpLwfs ObjectName REG_SZ NT AUTHORITY\LocalService ServiceSidType REG_DWORD 0x3 RequiredPrivileges REG_MULTI_SZ SeAuditPrivilege FailureActions REG_BINARY 805101000000000000000000030000001400000001000000C0D4010001000000E09304000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE\Parameters ServiceDllUnloadOnStop REG_DWORD 0x1 ServiceMain REG_SZ BfeServiceMain ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\BootTime HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\BootTime\Filter {89a89b7c-b5ab-4ed6-bf05-d3059281a5c5} REG_BINARY 01100800CCCCCCCC800000000000000000000200000000002C00000000000000000000000000000000000000000000000400020000000000130201000000000004000000040000000800020002000000010000000C000200021000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF010000000B00000006000000030000000300000000004000 {84750a0c-b836-48e3-ab80-104985c857db} REG_BINARY 01100800CCCCCCCC800000000000000000000200000000002E00000000000000000000000000000000000000000000000400020000000000140201000000000004000000040000000800020002000000010000000C000200021000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF010000000B00000006000000030000000300000000004000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Options EnablePacketQueue REG_DWORD 0x0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Callout HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Filter {89a89b7c-b5ab-4ed6-bf05-d3059281a5c5} REG_BINARY 01100800CCCCCCCC18030000000000000000020005000000900100000400020068010000080002009001000001100800CCCCCCCC800100000000000000000200000000007C9BA889ABB5D64EBF05D3059281A5C50400020008000200020000000C0002000800000010000200E79FCDE1B5F4734296C0592E487B865041D4CDB390AFBA41A7457C6008FF230104000000040000001400020001000000180002000210000000000000000000000000000000000000000000000000000000000000000000000000000000000000130201000000000004000000040000001C0002001B000000000000001B00000041007000700043006F006E007400610069006E006500720042006F006F007400740069006D006500460069006C00740065007200000000001B000000000000001B00000041007000700043006F006E007400610069006E006500720042006F006F007400740069006D006500460069006C0074006500720000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF010000003BE22C6367515C4386D7E903684AA80C0600000003000000030000000000400000000000FFFFFFFFFFFFFFFF680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {84750a0c-b836-48e3-ab80-104985c857db} REG_BINARY 01100800CCCCCCCC18030000000000000000020005000000900100000400020068010000080002009001000001100800CCCCCCCC800100000000000000000200000000000C0A758436B8E348AB80104985C857DB0400020008000200020000000C0002000800000010000200972CB4A3049F7246B87ECEE9C483257F41D4CDB390AFBA41A7457C6008FF230104000000040000001400020001000000180002000210000000000000000000000000000000000000000000000000000000000000000000000000000000000000140201000000000004000000040000001C0002001B000000000000001B00000041007000700043006F006E007400610069006E006500720042006F006F007400740069006D006500460069006C00740065007200000000001B000000000000001B00000041007000700043006F006E007400610069006E006500720042006F006F007400740069006D006500460069006C0074006500720000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF010000003BE22C6367515C4386D7E903684AA80C0600000003000000030000000000400000000000FFFFFFFFFFFFFFFF680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {e72646bc-7d3f-4c5c-a679-b3716f8c6cc8} REG_BINARY 01100800CCCCCCCC18030000000000000000020005000000900100000400020068010000080002009001000001100800CCCCCCCC80010000000000000000020000000000BC4626E73F7D5C4CA679B3716F8C6CC80400020008000200010000000C0002000800000010000200E79FCDE1B5F4734296C0592E487B865041D4CDB390AFBA41A7457C6008FF230104000000040000001400020001000000180002000210000000000000000000000000000000000000000000000000000000000000000000000000000000000000150201000000000004000000040000001C0002001B000000000000001B00000041007000700043006F006E007400610069006E006500720042006F006F007400740069006D006500460069006C00740065007200000000001B000000000000001B00000041007000700043006F006E007400610069006E006500720042006F006F007400740069006D006500460069006C0074006500720000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF010000003BE22C6367515C4386D7E903684AA80C0600000003000000030000000000400000000000FFFFFFFFFFFFFFFF680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {b98b75dc-17c0-4e84-bd4e-2080527ca6a6} REG_BINARY 01100800CCCCCCCC18030000000000000000020005000000900100000400020068010000080002009001000001100800CCCCCCCC80010000000000000000020000000000DC758BB9C017844EBD4E2080527CA6A60400020008000200010000000C0002000800000010000200972CB4A3049F7246B87ECEE9C483257F41D4CDB390AFBA41A7457C6008FF230104000000040000001400020001000000180002000210000000000000000000000000000000000000000000000000000000000000000000000000000000000000160201000000000004000000040000001C0002001B000000000000001B00000041007000700043006F006E007400610069006E006500720042006F006F007400740069006D006500460069006C00740065007200000000001B000000000000001B00000041007000700043006F006E007400610069006E006500720042006F006F007400740069006D006500460069006C0074006500720000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF010000003BE22C6367515C4386D7E903684AA80C0600000003000000030000000000400000000000FFFFFFFFFFFFFFFF680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {b02a4013-b6b5-4859-9168-1e3299e43b24} REG_BINARY 01100800CCCCCCCCE0020000000000000000020005000000580100000400020068010000080002005801000001100800CCCCCCCC4801000000000000000002000000000013402AB0B5B6594891681E3299E43B240400020008000200010000000C0002000800000010000200972CB4A3049F7246B87ECEE9C483257F41D4CDB390AFBA41A7457C6008FF2302010000000100000000000000010000001400020001100000000000000000000000000000000000000000000000000000000000000000000000000000000000004F700100000000000400000004000000180002001F000000000000001F00000049006E007400650072006600610063006500200055006E002D00710075006100720061006E00740069006E0065002000660069006C007400650072000000000001000000000000000100000000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFF010000003BE22C6367515C4386D7E903684AA80C080000000300000003000000010000000000000002000000680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {d870c96c-75ee-46a6-8a02-8e4401a73423} REG_BINARY 01100800CCCCCCCCE0020000000000000000020005000000580100000400020068010000080002005801000001100800CCCCCCCC480100000000000000000200000000006CC970D8EE75A6468A028E4401A734230400020008000200010000000C0002000800000010000200E79FCDE1B5F4734296C0592E487B865041D4CDB390AFBA41A7457C6008FF23020100000001000000000000000100000014000200011000000000000000000000000000000000000000000000000000000000000000000000000000000000000050700100000000000400000004000000180002001F000000000000001F00000049006E007400650072006600610063006500200055006E002D00710075006100720061006E00740069006E0065002000660069006C007400650072000000000001000000000000000100000000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFF010000003BE22C6367515C4386D7E903684AA80C080000000300000003000000010000000000000008000000680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {8b50e2ec-7cf0-4b71-b42e-5b0536f6cab8} REG_BINARY 01100800CCCCCCCC00030000000000000000020005000000780100000400020068010000080002007801000001100800CCCCCCCC68010000000000000000020000000000ECE2508BF07C714BB42E5B0536F6CAB80400020008000200010000000C0002000800000010000200972CB4A3049F7246B87ECEE9C483257F41D4CDB390AFBA41A7457C6008FF23020100000001000000010000000200000014000200021000000000000000000000000000000000000000000000000000000000000000000000000000000000000051700100000000000400000004000000180002001F000000000000001F00000049006E007400650072006600610063006500200055006E002D00710075006100720061006E00740069006E0065002000660069006C007400650072000000000001000000000000000100000000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFF02000000DE90F98998E76D4EAB767C9558292E6F000000000300000003000000830000003BE22C6367515C4386D7E903684AA80C080000000300000003000000010000000000000802000010680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {4137b143-2770-43d4-91a2-55bb0a069830} REG_BINARY 01100800CCCCCCCC00030000000000000000020005000000780100000400020068010000080002007801000001100800CCCCCCCC6801000000000000000002000000000043B137417027D44391A255BB0A0698300400020008000200010000000C0002000800000010000200E79FCDE1B5F4734296C0592E487B865041D4CDB390AFBA41A7457C6008FF23020100000001000000010000000200000014000200021000000000000000000000000000000000000000000000000000000000000000000000000000000000000052700100000000000400000004000000180002001F000000000000001F00000049006E007400650072006600610063006500200055006E002D00710075006100720061006E00740069006E0065002000660069006C007400650072000000000001000000000000000100000000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFF02000000DE90F98998E76D4EAB767C9558292E6F000000000300000003000000830000003BE22C6367515C4386D7E903684AA80C080000000300000003000000010000000000002008000010680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {3180114b-8338-4740-9a16-444134ad62f4} REG_BINARY 01100800CCCCCCCC00030000000000000000020005000000780100000400020068010000080002007801000001100800CCCCCCCC680100000000000000000200000000004B118031388340479A16444134AD62F40400020008000200010000000C0002000800000010000200972CB4A3049F7246B87ECEE9C483257F41D4CDB390AFBA41A7457C6008FF23020100000001000000010000000200000014000200021000000000000000000000000000000000000000000000000000000000000000000000000000000000000053700100000000000400000004000000180002001F000000000000001F00000049006E007400650072006600610063006500200055006E002D00710075006100720061006E00740069006E0065002000660069006C007400650072000000000001000000000000000100000000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFF020000006C7C5397A3D96747A381E942675CD920000000000300000003000000830000003BE22C6367515C4386D7E903684AA80C060000000300000003000000040000000000000802000010680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {17043d46-fac2-4561-bca1-0c7a05e95f5f} REG_BINARY 01100800CCCCCCCC00030000000000000000020005000000780100000400020068010000080002007801000001100800CCCCCCCC68010000000000000000020000000000463D0417C2FA6145BCA10C7A05E95F5F0400020008000200010000000C0002000800000010000200E79FCDE1B5F4734296C0592E487B865041D4CDB390AFBA41A7457C6008FF23020100000001000000010000000200000014000200021000000000000000000000000000000000000000000000000000000000000000000000000000000000000054700100000000000400000004000000180002001F000000000000001F00000049006E007400650072006600610063006500200055006E002D00710075006100720061006E00740069006E0065002000660069006C007400650072000000000001000000000000000100000000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFF020000006C7C5397A3D96747A381E942675CD920000000000300000003000000830000003BE22C6367515C4386D7E903684AA80C060000000300000003000000040000000000002008000010680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {567d3836-3f5b-4067-b9c4-952f677010a2} REG_BINARY 01100800CCCCCCCC00030000000000000000020005000000780100000400020068010000080002007801000001100800CCCCCCCC6801000000000000000002000000000036387D565B3F6740B9C4952F677010A20400020008000200410000000C0002000800000010000200972CB4A3049F7246B87ECEE9C483257F41D4CDB390AFBA41A7457C6008FF23020100000001000000010000000200000014000200021000000000000000000000000000000000000000000000000000000000000000000000000000000000000055700100000000000400000004000000180002001F000000000000001F00000049006E007400650072006600610063006500200055006E002D00710075006100720061006E00740069006E0065002000660069006C007400650072000000000001000000000000000100000000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFF020000002BEF71393E629A4F8CB16E79B806B9A70000000001000000010000003A000000AFA11B0C65573F45AF22A8F791AC775B000000000200000002000000870000000000000000E00010680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {4e718c57-c397-4221-9fbb-14fd51701d6a} REG_BINARY 01100800CCCCCCCC40030000000000000000020005000000B8010000040002006801000008000200B801000001100800CCCCCCCCA8010000000000000000020000000000578C714E97C321429FBB14FD51701D6A0400020008000200410000000C0002000800000010000200E79FCDE1B5F4734296C0592E487B865041D4CDB390AFBA41A7457C6008FF23020100000001000000010000000400000014000200021000000000000000000000000000000000000000000000000000000000000000000000000000000000000056700100000000000400000004000000180002001F000000000000001F00000049006E007400650072006600610063006500200055006E002D00710075006100720061006E00740069006E0065002000660069006C007400650072000000000001000000000000000100000000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFF040000002BEF71393E629A4F8CB16E79B806B9A700000000010000000100000011000000AFA11B0C65573F45AF22A8F791AC775B000000000200000002000000440000004D605AC32BD21A4E91B468F674EE674B000000000200000002000000430000003BE22C6367515C4386D7E903684AA80C080000000300000003000000010000000000000008830710680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {3a90a266-1519-4d23-911b-e84cd0f02ab8} REG_BINARY 01100800CCCCCCCC40030000000000000000020005000000B8010000040002006801000008000200B801000001100800CCCCCCCCA801000000000000000002000000000066A2903A1915234D911BE84CD0F02AB80400020008000200410000000C0002000800000010000200972CB4A3049F7246B87ECEE9C483257F41D4CDB390AFBA41A7457C6008FF23020100000001000000010000000400000014000200021000000000000000000000000000000000000000000000000000000000000000000000000000000000000057700100000000000400000004000000180002001F000000000000001F00000049006E007400650072006600610063006500200055006E002D00710075006100720061006E00740069006E0065002000660069006C007400650072000000000001000000000000000100000000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFF040000002BEF71393E629A4F8CB16E79B806B9A700000000010000000100000011000000AFA11B0C65573F45AF22A8F791AC775B000000000200000002000000220200004D605AC32BD21A4E91B468F674EE674B000000000200000002000000230200003BE22C6367515C4386D7E903684AA80C0800000003000000030000000100000000000000C2E10010680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {70694559-714a-4a38-a0cd-51439e06f1d8} REG_BINARY 01100800CCCCCCCC98030000000000000000020005000000100200000400020068010000080002001002000001100800CCCCCCCC00020000000000000000020000000000594569704A71384AA0CD51439E06F1D80400020008000200410000000C0002000800000010000200972CB4A3049F7246B87ECEE9C483257F41D4CDB390AFBA41A7457C6008FF230201000000010000000100000004000000140002000210000000000000000000000000000000000000000000000000000000000000000000000000000000000000587001000000000004000000040000002C0002001F000000000000001F00000049006E007400650072006600610063006500200055006E002D00710075006100720061006E00740069006E0065002000660069006C007400650072000000000001000000000000000100000000000000CA16CCDE333F4643BE1E8FB4AE0F3D6208000000FFFFFFFFFFFFFFFF040000002BEF71393E629A4F8CB16E79B806B9A70000000001000000010000003A000000AFA11B0C65573F45AF22A8F791AC775B00000000020000000200000086000000871E8ED74486A54E9437D809ECEFC971000000000C0000000C000000180002009AAE35B2641DB849A44C5FF3D9095045050000000201000002010000200002000E0000001C0002000E000000530079007300740065006D00000000000B0000000B000000240002000B0000000B00000028000200FE800000000000000000000000000000FE80FFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000020E00011680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Provider {decc16ca-3f33-4346-be1e-8fb4ae0f3d62} REG_BINARY 01100800CCCCCCCCF0000000000000000000020000000000D0000000040002000000000000000000D000000001100800CCCCCCCCC00000000000000000000200CA16CCDE333F4643BE1E8FB4AE0F3D6204000200080002000100000000000000000000000C00020018000000000000001800000040004600690072006500770061006C006C004100500049002E0064006C006C002C002D0032003300350030003100000018000000000000001800000040004600690072006500770061006C006C004100500049002E0064006C006C002C002D003200330035003000320000000700000000000000070000006D00700073007300760063000000000000000000 {4b153735-1049-4480-aab4-d1b9bdc03710} REG_BINARY 01100800CCCCCCCCF0000000000000000000020000000000D0000000040002000000000000000000D000000001100800CCCCCCCCC000000000000000000002003537154B49108044AAB4D1B9BDC0371004000200080002000100000000000000000000000C00020018000000000000001800000040004600690072006500770061006C006C004100500049002E0064006C006C002C002D0032003300350030003100000018000000000000001800000040004600690072006500770061006C006C004100500049002E0064006C006C002C002D003200330035003000320000000700000000000000070000006D00700073007300760063000000000000000000 {1bebc969-61a5-4732-a177-847a0817862a} REG_BINARY 01100800CCCCCCCC58020000000000000000020000000000D0000000040002006801000008000200D000000001100800CCCCCCCCC0000000000000000000020069C9EB1BA5613247A177847A0817862A04000200080002000100000000000000000000000C00020018000000000000001800000040004600690072006500770061006C006C004100500049002E0064006C006C002C002D0032003300350032003100000018000000000000001800000040004600690072006500770061006C006C004100500049002E0064006C006C002C002D003200330035003200320000000700000000000000070000004D005000530053005600430000000000680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3} REG_BINARY 01100800CCCCCCCC50020000000000000000020000000000C8000000040002006801000008000200C800000001100800CCCCCCCCB80000000000000000000200877D6AAA8F7F2A4DBE53FDA555CD5FE304000200080002000100000000000000000000000C000200140000000000000014000000400070006F006C00730074006F00720065002E0064006C006C002C002D0035003000310033000000140000000000000014000000400070006F006C00730074006F00720065002E0064006C006C002C002D00350030003100340000000C000000000000000C00000050006F006C006900630079006100670065006E0074000000680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000514000000010100000000000514000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\SubLayer {b3cdd441-af90-41ba-a745-7c6008ff2300} REG_BINARY 01100800CCCCCCCCC0000000000000000000020002000000A0000000040002000000000000000000A000000001100800CCCCCCCC90000000000000000000020041D4CDB390AFBA41A7457C6008FF23000400020008000200010000000C00020000000000000000000300000018000000000000001800000040004600690072006500770061006C006C004100500049002E0064006C006C002C002D00320033003500300031000000010000000000000001000000000000003537154B49108044AAB4D1B9BDC037100000000000000000 {b3cdd441-af90-41ba-a745-7c6008ff2301} REG_BINARY 01100800CCCCCCCCC0000000000000000000020002000000A0000000040002000000000000000000A000000001100800CCCCCCCC90000000000000000000020041D4CDB390AFBA41A7457C6008FF23010400020008000200010000000C00020000000000000000000200000018000000000000001800000040004600690072006500770061006C006C004100500049002E0064006C006C002C002D0032003300350030003100000001000000000000000100000000000000CA16CCDE333F4643BE1E8FB4AE0F3D620000000000000000 {b3cdd441-af90-41ba-a745-7c6008ff2302} REG_BINARY 01100800CCCCCCCC28020000000000000000020002000000A0000000040002006801000008000200A000000001100800CCCCCCCC90000000000000000000020041D4CDB390AFBA41A7457C6008FF23020400020008000200010000000C00020000000000000000000400000018000000000000001800000040004600690072006500770061006C006C004100500049002E0064006C006C002C002D00320033003500300031000000010000000000000001000000000000003537154B49108044AAB4D1B9BDC0371000000000680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 {9ba30013-c84e-47e5-ac6e-1e1aed72fa69} REG_BINARY 01100800CCCCCCCC28020000000000000000020002000000A0000000040002006801000008000200A000000001100800CCCCCCCC9000000000000000000002001300A39B4EC8E547AC6E1E1AED72FA690400020008000200010000000C000200000000000000000001A0000018000000000000001800000040004600690072006500770061006C006C004100500049002E0064006C006C002C002D003200330035003200310000000100000000000000010000000000000069C9EB1BA5613247A177847A0817862A00000000680100000100048C500100005C010000000000001400000002003C010900000000101800FF070F000102000000000005200000002002000000101800FF0703000102000000000005200000002C02000000102800FF070300010600000000000550000000F14110B836FC4D57A8AE0B7025210442844F113100102800FF07030001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B42135600102800F4030200010600000000000550000000443E41BB45BAA87A6CBD9268F4AD648FD5E670E900102800FF070300010600000000000550000000790978B5AFA1EDD8545E32F4FF1BC45FFDD9E04A00102800FF0703000106000000000005500000000AD8623AD9C60F181B65B5EBD66D2F8B7883395C00102800F40302000106000000000005500000006EBF1BBB45EFD2B14A3B45DB505B43270458D86B0010140050000000010100000000000100000000010100000000000513000000010100000000000513000000 ========= Koniec Reg: ========= ========= reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc /s ========= HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc DisplayName REG_SZ @%SystemRoot%\system32\FirewallAPI.dll,-23090 ErrorControl REG_DWORD 0x1 Group REG_SZ NetworkProvider ImagePath REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork Start REG_DWORD 0x4 Type REG_DWORD 0x20 Description REG_SZ @%SystemRoot%\system32\FirewallAPI.dll,-23091 DependOnService REG_MULTI_SZ mpsdrv\0bfe ObjectName REG_SZ NT Authority\LocalService ServiceSidType REG_DWORD 0x3 RequiredPrivileges REG_MULTI_SZ SeAssignPrimaryTokenPrivilege\0SeAuditPrivilege\0SeChangeNotifyPrivilege\0SeCreateGlobalPrivilege\0SeImpersonatePrivilege\0SeIncreaseQuotaPrivilege FailureActions REG_BINARY 805101000000000000000000030000001400000001000000C0D4010001000000E09304000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters ServiceDllUnloadOnStop REG_DWORD 0x1 ServiceDll REG_EXPAND_SZ %SystemRoot%\system32\mpssvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters\ACService KnownApps REG_SZ S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393,S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672,S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480,S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493,S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters\ACService\AppCs HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters\AppCs HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords\DHCP HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords\IPTLSIn HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords\IPTLSOut HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords\RPC-EPMap HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords\Teredo HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Security Security REG_BINARY 01001480B4000000C0000000140000003000000002001C000100000002801400FF010F00010100000000000100000000020084000500000000001400FD01020001010000000000051200000000001800FF010F0001020000000000052000000020020000000014008D010200010100000000000504000000000014008D010200010100000000000506000000000028001500000001060000000000055000000049599D779156E555DCF4E20EA78BEBCA7B421356010100000000000512000000010100000000000512000000 ========= Koniec Reg: ========= ========= reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mpsdrv /s ========= HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mpsdrv DisplayName REG_SZ @%SystemRoot%\system32\FirewallAPI.dll,-23092 ErrorControl REG_DWORD 0x1 Group REG_SZ network ImagePath REG_EXPAND_SZ System32\drivers\mpsdrv.sys Start REG_DWORD 0x3 Type REG_DWORD 0x1 Description REG_SZ @%SystemRoot%\system32\FirewallAPI.dll,-23093 ========= Koniec Reg: ========= =========== EmptyTemp: ========== BITS transfer queue => 12582912 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10570037 B Java, Flash, Steam htmlcache => 107884678 B Windows/system/drivers => 49336759 B Edge => 0 B Chrome => 112640 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 11379867 B LocalService => 0 B NetworkService => 0 B KubaDamaszk => 416901609 B Administrator => 3798637 B Gość => 0 B RecycleBin => 1060800666 B EmptyTemp: => 1.6 GB danych tymczasowych Usunięto. ================================ Rezultat przenoszenia plików przy restarcie (Tryb startu: Normal) (Data i godzina: 22-01-2017 17:40:41) C:\ProgramData\WinSAPSvc => został pomyślnie przeniesiony ==== Koniec Fixlog 17:40:41 ====