Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:04-10-2015 Uruchomiony przez Admin (2015-10-06 11:28:24) Run:3 Uruchomiony z C:\Users\Admin\Desktop Załadowane profile: Admin (Dostępne profile: Admin) Tryb startu: Safe Mode (minimal) ============================================== fixlist - zawartość: ***************** CloseProcesses: DisableService: E07249B R1 {b50d0351-887b-4ba2-b70c-fa22f9790730}Gw64; C:\Windows\System32\drivers\{b50d0351-887b-4ba2-b70c-fa22f9790730}Gw64.sys [48784 2015-10-05] (StdLib) R2 gyvixodu; C:\Program Files (x86)\27DAD760-1444063731-11D9-BB64-5404A6A214B1\hnsaBF84.tmp [203776 2015-10-05] () [Brak podpisu cyfrowego] R2 lehicewu; C:\Program Files (x86)\27DAD760-1444063731-11D9-BB64-5404A6A214B1\jnskA760.tmp [181760 2015-10-05] () [Brak podpisu cyfrowego] S2 NetTcpHandler; C:\Users\Admin\AppData\Roaming\NetService\netservice.exe [173088 2015-07-09] () R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [458400 2015-10-05] (TODO: <公司名>) R2 Update Web Amplified; C:\Program Files (x86)\Web Amplified\updateWebAmplified.exe [460536 2015-10-05] () R2 Util Web Amplified; C:\Program Files (x86)\Web Amplified\bin\utilWebAmplified.exe [460536 2015-10-05] () R2 WdsManPro; C:\ProgramData\tWdsManProt\WdsManPro.exe [442504 2015-10-05] (DTools LIMITED) R2 WindowsMangerProtect; C:\ProgramData\9WinManPro9\ProtectWindowsManager.exe [708264 2015-08-17] (DTools LIMITED) <==== UWAGA R1 wwfd_vt_1_10_0_24; C:\Windows\System32\drivers\wwfd_vt_1_10_0_24.sys [61312 2015-09-02] (WordWizard) R2 wwsvc_1.10.0.24; C:\Program Files (x86)\WordWizard_1.10.0.24\Service\wwsvc.exe [301656 2015-09-02] (WordWizard) R2 xoluboru; C:\Program Files (x86)\27DAD760-1444063731-11D9-BB64-5404A6A214B1\knspC6FD.tmp [346112 2015-10-05] () [Brak podpisu cyfrowego] Task: {01850DB9-795D-41EE-B0C4-5242AD333CF9} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-4 => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-4.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {02F0F047-DDAC-44D7-8045-BBC27642C325} - System32\Tasks\WordWizard Auto Updater 1.10.0.24 Pending Update => C:\Program Files (x86)\WordWizard_1.10.0.24\Update\WordwizardAutoUpdateClient.exe [2015-09-02] (WordWizard) Task: {047553BA-E03A-4B40-BA0C-1C825F0E77ED} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-10.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {07E80383-D18B-4AC8-9859-7AA9F4F050C5} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5 => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {45BE8743-9CC1-4E05-9ADA-83703A748B59} - System32\Tasks\MyBrowser => C:\Program Files (x86)\MyBrowser\MyBrowser\Application\utility.exe [2015-10-05] () Task: {47F8F3E7-CF9F-4F73-9C36-12DAC6B0EE0D} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-1-7.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {4A9F7F78-DA08-4683-81F9-EBA0BED42B79} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-4 => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-4.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {6BA3F1A0-C70B-4B4C-95F2-B33CBCFBA75D} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-7 => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-7.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {70ED1F79-0B60-4BD1-80F2-42B8EA1DB06A} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-5.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {748891BD-1EE0-4492-84C8-B787579ABEED} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-10-05] () <==== UWAGA Task: {826DF2FE-21CC-4C72-AA3C-A89A528F063F} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5 => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-5.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {A2EAEC6E-5D8D-4756-8725-D661EF00E3F1} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-10_user => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-10.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {A9E3407B-5730-4DF5-AA87-C6885D5E2F30} - System32\Tasks\AmiUpdXp => C:\Users\Admin\AppData\Local\891\Updater.exe [2015-10-05] () <==== UWAGA Task: {BB72F97F-B528-437B-BDA2-7E156DBB84D3} - System32\Tasks\{28511603-1814-48B9-843A-AD3AD921E4E5} => pcalua.exe -a C:\Users\Admin\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cor Task: {CE33C86C-9D85-436C-B85F-0AD03E841D75} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-6 => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-6.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {D38A480F-DB11-4877-81A9-394D7D46A2D3} - System32\Tasks\WordWizard Auto Updater 1.10.0.24 Core => C:\Program Files (x86)\WordWizard_1.10.0.24\Update\WordwizardAutoUpdateClient.exe [2015-09-02] (WordWizard) Task: {D5D6FA99-2EC1-4729-8BB3-B3F4AA2BBCE7} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-1-6.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {E53D6FE4-6B1D-4090-B03B-D36886CAFFC4} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5_user => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-1-6.exe <==== UWAGA Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-1-7.exe <==== UWAGA Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-10.exe <==== UWAGA Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-4.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-4.exe <==== UWAGA Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-5.exe <==== UWAGA Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-5.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-6.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-6.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-7.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-7.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-10.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-4.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-4.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5.exe <==== UWAGA Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Admin\AppData\Local\891\Updater.exe <==== UWAGA Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== UWAGA Task: C:\Windows\Tasks\MyBrowser.job => C:\Program Files (x86)\MyBrowser\MyBrowser\Application\utility.exe HKLM-x32\...\RunOnce: [Update] => C:\Users\Admin\AppData\Roaming\ASPackage\ASPackage.exe [827339 2015-10-05] () HKU\S-1-5-21-1156661441-3988215128-3090756461-1000\...\Run: [GoogleChromeAutoLaunch_3C42015D2638AD59A9C14E09DD1E3050] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [770048 2015-05-11] (Crossbrowse) HKU\S-1-5-21-1156661441-3988215128-3090756461-1000\...\Run: [GoogleChromeAutoLaunch_707AB4DC4851505403C8FD2DF14CF292] => C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe [636928 2015-08-29] (MyBrowser) Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-10-05] GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W&q={searchTerms} SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1439816538&z=cf38def759dd46328383db2gez2c4tbbeg7q6zfz1z&from=cor&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\he2y18qx.default-1428045530573\extensions\defsearchp@gmail.com FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\he2y18qx.default-1428045530573\extensions\deskCutv2@gmail.com StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1444065645&z=b310cffeb6e6e55b72f1637g2zfzbzce4qfw1zfc1b&from=face&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.istartsurf.com/?type=sc&ts=1444065645&z=b310cffeb6e6e55b72f1637g2zfzbzce4qfw1zfc1b&from=face&uid=ST3200820AS_5QE06E4WXXXX5QE06E4W C:\Program Files (x86)\27DAD760-1444063731-11D9-BB64-5404A6A214B1 C:\Program Files (x86)\SFK C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\ProgramData\9WinManPro9 C:\ProgramData\tWdsManProt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBrowser C:\Users\Admin\AppData\Local\27DAD760-1444070982-11D9-BB64-5404A6A214B1 C:\Users\Admin\AppData\Local\891 C:\Users\Admin\AppData\Local\Prompt Downloader C:\Users\Admin\AppData\Roaming\istartsurf C:\Users\Admin\AppData\Roaming\mystartsearch C:\Users\Admin\AppData\Roaming\RunDir C:\Users\Admin\AppData\Roaming\NetService C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MyBrowser.lnk C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jogotempo C:\Users\Admin\Desktop\Prompt Downloader C:\Windows\system32\Drivers\{b50d0351-887b-4ba2-b70c-fa22f9790730}Gw64.sys C:\Windows\system32\Drivers\E07249B.sys C:\Windows\System32\Drivers\wwfd_vt_1_10_0_24.sys C:\Windows\system32\Drivers\etc\hp.bak C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 Reg: reg delete HKLM\SOFTWARE\Clients\StartMenuInternet\Opera /f CMD: netsh advfirewall reset ***************** Procesy zostały pomyślnie zamknięte. E07249B => nie znaleziono. {b50d0351-887b-4ba2-b70c-fa22f9790730}Gw64 => serwis pomyślnie usunięto gyvixodu => serwis pomyślnie usunięto lehicewu => serwis pomyślnie usunięto NetTcpHandler => serwis pomyślnie usunięto SSFK => serwis pomyślnie usunięto Update Web Amplified => serwis pomyślnie usunięto Util Web Amplified => serwis pomyślnie usunięto WdsManPro => serwis pomyślnie usunięto WindowsMangerProtect => serwis pomyślnie usunięto wwfd_vt_1_10_0_24 => serwis pomyślnie usunięto wwsvc_1.10.0.24 => serwis pomyślnie usunięto xoluboru => serwis nie znaleziono. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{01850DB9-795D-41EE-B0C4-5242AD333CF9}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01850DB9-795D-41EE-B0C4-5242AD333CF9}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-4 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\a929e9f6-b235-4ae4-b8e7-591c45f1670d-4" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{02F0F047-DDAC-44D7-8045-BBC27642C325}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02F0F047-DDAC-44D7-8045-BBC27642C325}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\WordWizard Auto Updater 1.10.0.24 Pending Update => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WordWizard Auto Updater 1.10.0.24 Pending Update" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{047553BA-E03A-4B40-BA0C-1C825F0E77ED}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{047553BA-E03A-4B40-BA0C-1C825F0E77ED}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-10_user => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\6055b7eb-df8d-4281-afd8-560810fc40d7-10_user" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{07E80383-D18B-4AC8-9859-7AA9F4F050C5}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07E80383-D18B-4AC8-9859-7AA9F4F050C5}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45BE8743-9CC1-4E05-9ADA-83703A748B59}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45BE8743-9CC1-4E05-9ADA-83703A748B59}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\MyBrowser => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MyBrowser" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{47F8F3E7-CF9F-4F73-9C36-12DAC6B0EE0D}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47F8F3E7-CF9F-4F73-9C36-12DAC6B0EE0D}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-7 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\6055b7eb-df8d-4281-afd8-560810fc40d7-1-7" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A9F7F78-DA08-4683-81F9-EBA0BED42B79}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A9F7F78-DA08-4683-81F9-EBA0BED42B79}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-4 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\6055b7eb-df8d-4281-afd8-560810fc40d7-4" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6BA3F1A0-C70B-4B4C-95F2-B33CBCFBA75D}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BA3F1A0-C70B-4B4C-95F2-B33CBCFBA75D}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-7 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-7" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{70ED1F79-0B60-4BD1-80F2-42B8EA1DB06A}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70ED1F79-0B60-4BD1-80F2-42B8EA1DB06A}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5_user => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\6055b7eb-df8d-4281-afd8-560810fc40d7-5_user" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{748891BD-1EE0-4492-84C8-B787579ABEED}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{748891BD-1EE0-4492-84C8-B787579ABEED}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\Crossbrowse => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Crossbrowse" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{826DF2FE-21CC-4C72-AA3C-A89A528F063F}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{826DF2FE-21CC-4C72-AA3C-A89A528F063F}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\6055b7eb-df8d-4281-afd8-560810fc40d7-5" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A2EAEC6E-5D8D-4756-8725-D661EF00E3F1}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2EAEC6E-5D8D-4756-8725-D661EF00E3F1}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-10_user => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\a929e9f6-b235-4ae4-b8e7-591c45f1670d-10_user" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A9E3407B-5730-4DF5-AA87-C6885D5E2F30}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9E3407B-5730-4DF5-AA87-C6885D5E2F30}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\AmiUpdXp => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB72F97F-B528-437B-BDA2-7E156DBB84D3}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB72F97F-B528-437B-BDA2-7E156DBB84D3}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{28511603-1814-48B9-843A-AD3AD921E4E5} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{28511603-1814-48B9-843A-AD3AD921E4E5}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CE33C86C-9D85-436C-B85F-0AD03E841D75}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE33C86C-9D85-436C-B85F-0AD03E841D75}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-6 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-6" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D38A480F-DB11-4877-81A9-394D7D46A2D3}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D38A480F-DB11-4877-81A9-394D7D46A2D3}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\WordWizard Auto Updater 1.10.0.24 Core => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WordWizard Auto Updater 1.10.0.24 Core" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D5D6FA99-2EC1-4729-8BB3-B3F4AA2BBCE7}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5D6FA99-2EC1-4729-8BB3-B3F4AA2BBCE7}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-6 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\6055b7eb-df8d-4281-afd8-560810fc40d7-1-6" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E53D6FE4-6B1D-4090-B03B-D36886CAFFC4}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E53D6FE4-6B1D-4090-B03B-D36886CAFFC4}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5_user => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5_user" => klucz pomyślnie usunięto C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-6.job => pomyślnie przeniesiono C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-7.job => pomyślnie przeniesiono C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-10_user.job => pomyślnie przeniesiono C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-4.job => pomyślnie przeniesiono C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5.job => pomyślnie przeniesiono C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5_user.job => pomyślnie przeniesiono C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-6.job => pomyślnie przeniesiono C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-7.job => pomyślnie przeniesiono C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-10_user.job => pomyślnie przeniesiono C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-4.job => pomyślnie przeniesiono C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5.job => pomyślnie przeniesiono C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5_user.job => pomyślnie przeniesiono C:\Windows\Tasks\AmiUpdXp.job => pomyślnie przeniesiono C:\Windows\Tasks\Crossbrowse.job => pomyślnie przeniesiono C:\Windows\Tasks\MyBrowser.job => pomyślnie przeniesiono HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\Update => Wartość nie znaleziono. HKU\S-1-5-21-1156661441-3988215128-3090756461-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_3C42015D2638AD59A9C14E09DD1E3050 => Wartość pomyślnie usunięto HKU\S-1-5-21-1156661441-3988215128-3090756461-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_707AB4DC4851505403C8FD2DF14CF292 => Wartość pomyślnie usunięto C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk => pomyślnie przeniesiono C:\Windows\system32\GroupPolicy\Machine => pomyślnie przeniesiono C:\Windows\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono "HKLM\SOFTWARE\Policies\Google" => klucz pomyślnie usunięto HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\defsearchp@gmail.com => Wartość pomyślnie usunięto HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\deskCutv2@gmail.com => Wartość pomyślnie usunięto HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto. C:\Program Files (x86)\27DAD760-1444063731-11D9-BB64-5404A6A214B1 => pomyślnie przeniesiono C:\Program Files (x86)\SFK => pomyślnie przeniesiono C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => pomyślnie przeniesiono C:\ProgramData\9WinManPro9 => pomyślnie przeniesiono C:\ProgramData\tWdsManProt => pomyślnie przeniesiono "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse" => plik/folder nie znaleziono. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBrowser => pomyślnie przeniesiono C:\Users\Admin\AppData\Local\27DAD760-1444070982-11D9-BB64-5404A6A214B1 => pomyślnie przeniesiono C:\Users\Admin\AppData\Local\891 => pomyślnie przeniesiono C:\Users\Admin\AppData\Local\Prompt Downloader => pomyślnie przeniesiono C:\Users\Admin\AppData\Roaming\istartsurf => pomyślnie przeniesiono C:\Users\Admin\AppData\Roaming\mystartsearch => pomyślnie przeniesiono C:\Users\Admin\AppData\Roaming\RunDir => pomyślnie przeniesiono C:\Users\Admin\AppData\Roaming\NetService => pomyślnie przeniesiono C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk => pomyślnie przeniesiono C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MyBrowser.lnk => pomyślnie przeniesiono "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage" => plik/folder nie znaleziono. C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jogotempo => pomyślnie przeniesiono C:\Users\Admin\Desktop\Prompt Downloader => pomyślnie przeniesiono C:\Windows\system32\Drivers\{b50d0351-887b-4ba2-b70c-fa22f9790730}Gw64.sys => pomyślnie przeniesiono "C:\Windows\system32\Drivers\E07249B.sys" => plik/folder nie znaleziono. C:\Windows\System32\Drivers\wwfd_vt_1_10_0_24.sys => pomyślnie przeniesiono C:\Windows\system32\Drivers\etc\hp.bak => pomyślnie przeniesiono C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => pomyślnie przeniesiono ========= reg delete HKLM\SOFTWARE\Clients\StartMenuInternet\Opera /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= netsh advfirewall reset ========= Wystpi bd podczas prby kontaktowania si z usug zapory systemu Windows. Upewnij si, e usuga jest uruchomiona, i ponw danie. ========= Koniec CMD: ========= System wymagał restartu.. ==== Koniec Fixlog 11:28:27 ====