Farbar Recovery Scan Tool (x64) Wersja:15-09-2015 Uruchomiony przez user (2015-09-17 13:19:07) Uruchomiony z C:\Users\user\Downloads Tryb startu: Normal ================== Szukaj w rejestrze: "ghokswa" =========== [HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications] "ghokswa"="SOFTWARE\Clients\StartMenuInternet\ghokswa\Capabilities" [HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications] "ghokswa"="SOFTWARE\Clients\StartMenuInternet\ghokswa\Capabilities" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa] ""="ghokswaHTM" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities] "ApplicationDescription"="ghokswaHTM" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities] "ApplicationIcon"="C:\Program Files (x86)\ghokswa Browser\ghokswa\chrome.exe,0" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities] "ApplicationName"="ghokswaHTM" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities\FileAssociations] ".htm"="ghokswaHTM" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities\FileAssociations] ".html"="ghokswaHTM" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities\FileAssociations] ".shtml"="ghokswaHTM" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities\FileAssociations] ".xht"="ghokswaHTM" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities\FileAssociations] ".xhtml"="ghokswaHTM" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities\StartMenu] "StartMenuInternet"="ghokswa" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities\URLAssociations] "https"="ghokswaHTM" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities\URLAssociations] "ftp"="ghokswaHTM" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\Capabilities\URLAssociations] "http"="ghokswaHTM" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\ghokswa\DefaultIcon] ""="C:\Program Files (x86)\ghokswa Browser\ghokswa\chrome.exe,0" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ghokswa] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ghokswa] "path"="C:\Program Files (x86)\ghokswa Browser\" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ghokswa] "publicdirectroy"="C:\Users\Public\Documents\ghokswa\" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ghokswa] "publicdirectroy_log"="C:\Users\Public\Documents\ghokswa\log\" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ghokswa] "publicdirectroy_dump"="C:\Users\Public\Documents\ghokswa\log\dump\" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\ghokswa] [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\98bf3999_0] ""="{0.0.0.00000000}.{3fe2e605-ae52-4898-a0ed-6dbc22483c8e}|\Device\HarddiskVolume2\Program Files (x86)\ghokswa Browser\ghokswa\chrome.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] "Progid"="ghokswaHTM" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] "Progid"="ghokswaHTM" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] "Progid"="ghokswaHTM" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] "Progid"="ghokswaHTM" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] "Progid"="ghokswaHTM" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp\UserChoice] "Progid"="ghokswaHTM" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice] "Progid"="ghokswaHTM" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice] "Progid"="ghokswaHTM" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Classes\ghokswaHTM] [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Classes\ghokswaHTM\DefaultIcon] ""="C:\Program Files (x86)\ghokswa Browser\ghokswa\chrome.exe,0" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Classes\ghokswaHTM\shell\open\command] ""=""C:\Program Files (x86)\ghokswa Browser\ghokswa\chrome.exe" "%1"" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Classes\Wow6432Node\ghokswaHTM] [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Classes\Wow6432Node\ghokswaHTM\DefaultIcon] ""="C:\Program Files (x86)\ghokswa Browser\ghokswa\chrome.exe,0" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000\Software\Classes\Wow6432Node\ghokswaHTM\shell\open\command] ""=""C:\Program Files (x86)\ghokswa Browser\ghokswa\chrome.exe" "%1"" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000_Classes\ghokswaHTM] [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000_Classes\ghokswaHTM\DefaultIcon] ""="C:\Program Files (x86)\ghokswa Browser\ghokswa\chrome.exe,0" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000_Classes\ghokswaHTM\shell\open\command] ""=""C:\Program Files (x86)\ghokswa Browser\ghokswa\chrome.exe" "%1"" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000_Classes\Wow6432Node\ghokswaHTM] [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000_Classes\Wow6432Node\ghokswaHTM\DefaultIcon] ""="C:\Program Files (x86)\ghokswa Browser\ghokswa\chrome.exe,0" [HKEY_USERS\S-1-5-21-4009332864-2451881766-1519145934-1000_Classes\Wow6432Node\ghokswaHTM\shell\open\command] ""=""C:\Program Files (x86)\ghokswa Browser\ghokswa\chrome.exe" "%1"" ====== Koniec Szukaj ======