Rezultat naprawy Farbar Recovery Scan Tool (x86) Wersja:11-10-2015 02
Uruchomiony przez CoolPizza (2015-10-13 11:25:01) Run:1
Uruchomiony z C:\FRST
Załadowane profile: CoolPizza (Dostępne profile: CoolPizza & backup)
Tryb startu: Normal

==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
R2 Danlax; C:\Documents and Settings\All Users\Dane aplikacji\\Danlax\\Danlax.exe [441856 2015-09-17] () [Brak podpisu cyfrowego]
AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\DANEAP~1\Danlax\Holdzap.dll => C:\Documents and Settings\All Users\Dane aplikacji\Danlax\Holdzap.dll [384512 2015-09-21] ()
HKLM\...\Run: [GEST] => =
HKLM\...\Run: [Web Protector Plus Agent] => "C:\Program Files\WebProtectorPlus\WebProtectorPlus.exe"
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGSNUjrwY1y6yS7vkz8roO8peJ4F9SYM4HOhApitXQUOItRk9MpwBiCqZBDkjNCK8Cx2rdsM3dSaoYg,,
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGS-GBe0SisnA8FrHj2urDIZCkUXqtkrMyXo08SaSLlHBn_sy0KF8Wz07Sdk9_rryGTExmULWxSh3lA,,&q={searchTerms}
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGS-GBe0SisnA8FrHj2urDIZCkUXqtkrMyXo08SaSLlHBn_sy0KF8Wz07Sdk9_rryGTExmULWxSh3lA,,&q={searchTerms}
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGS-GBe0SisnA8FrHj2urDIZCkUXqtkrMyXo08SaSLlHBn_sy0KF8Wz07Sdk9_rryGTExmULWxSh3lA,,&q={searchTerms}
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGSNUjrwY1y6yS7vkz8roO8peJ4F9SYM4HOhApitXQUOItRk9MpwBiCqZBDkjNCK8Cx2rdsM3dSaoYg,,
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGS-GBe0SisnA8FrHj2urDIZCkUXqtkrMyXo08SaSLlHBn_sy0KF8Wz07Sdk9_rryGTExmULWxSh3lA,,&q={searchTerms}
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGS-GBe0SisnA8FrHj2urDIZCkUXqtkrMyXo08SaSLlHBn_sy0KF8Wz07Sdk9_rryGTExmULWxSh3lA,,&q={searchTerms}
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGS-GBe0SisnA8FrHj2urDIZCkUXqtkrMyXo08SaSLlHBn_sy0KF8Wz07Sdk9_rryGTExmULWxSh3lA,,&q={searchTerms}
HKU\S-1-5-21-343818398-602162358-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGSNUjrwY1y6yS7vkz8roO8peJ4F9SYM4HOhApitXQUOItRk9MpwBiCqZBDkjNCK8Cx2rdsM3dSaoYg,,
HKU\S-1-5-21-343818398-602162358-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGS-GBe0SisnA8FrHj2urDIZCkUXqtkrMyXo08SaSLlHBn_sy0KF8Wz07Sdk9_rryGTExmULWxSh3lA,,&q={searchTerms}
HKU\S-1-5-21-343818398-602162358-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGS-GBe0SisnA8FrHj2urDIZCkUXqtkrMyXo08SaSLlHBn_sy0KF8Wz07Sdk9_rryGTExmULWxSh3lA,,&q={searchTerms}
HKU\S-1-5-21-343818398-602162358-1801674531-1004\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csuRBQDAZ0FmM9TCERoeuHeIJJe7FH3_mc1L75LEMEaLeu2G5nBImsU7nk7-EyoJGS-GBe0SisnA8FrHj2urDIZCkUXqtkrMyXo08SaSLlHBn_sy0KF8Wz07Sdk9_rryGTExmULWxSh3lA,,&q={searchTerms}
URLSearchHook: HKLM -> Domyślne = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
CHR HKLM\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-343818398-602162358-1801674531-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
C:\Documents and Settings\All Users\Dane aplikacji\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Documents and Settings\All Users\Dane aplikacji\Danlax
C:\Documents and Settings\All Users\Dane aplikacji\Danlaxs
C:\Documents and Settings\CoolPizza\SetupComponents.exe
C:\Documents and Settings\CoolPizza\Ustawienia lokalne\Dane aplikacji\updater.log
C:\Documents and Settings\CoolPizza\Ustawienia lokalne\Dane aplikacji\UserProducts.xml
C:\Program Files\Common Files\Subgodom
C:\WINDOWS\system32\findit.xml
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0B451150-3691-41C6-9AD0-B7CC164A02C2} /f
Reg: reg delete HKLM\SOFTWARE\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
Danlax => serwis pomyślnie usunięto
"C:\DOCUME~1\ALLUSE~1\DANEAP~1\Danlax\Holdzap.dll" => Dane wartości pomyślnie usunięto.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GEST => Wartość pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Web Protector Plus Agent => Wartość pomyślnie usunięto
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Wartość pomyślnie przywrócono
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie usunięto
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Search Bar => Wartość pomyślnie usunięto
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie usunięto
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => Wartość pomyślnie usunięto
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie usunięto
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Search Bar => Wartość pomyślnie usunięto
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie usunięto
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => Wartość pomyślnie usunięto
HKU\S-1-5-21-343818398-602162358-1801674531-1004\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-343818398-602162358-1801674531-1004\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-343818398-602162358-1801674531-1004\Software\Microsoft\Internet Explorer\Main\\Search Bar => Wartość pomyślnie usunięto
HKU\S-1-5-21-343818398-602162358-1801674531-1004\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => Wartość pomyślnie usunięto
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Wartość pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
"HKLM\SOFTWARE\Google\Chrome\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko" => klucz pomyślnie usunięto
"HKU\S-1-5-21-343818398-602162358-1801674531-1004\SOFTWARE\Google\Chrome\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko" => klucz pomyślnie usunięto
C:\Documents and Settings\All Users\Dane aplikacji\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => pomyślnie przeniesiono
C:\Documents and Settings\All Users\Dane aplikacji\Danlax => pomyślnie przeniesiono
C:\Documents and Settings\All Users\Dane aplikacji\Danlaxs => pomyślnie przeniesiono
C:\Documents and Settings\CoolPizza\SetupComponents.exe => pomyślnie przeniesiono
C:\Documents and Settings\CoolPizza\Ustawienia lokalne\Dane aplikacji\updater.log => pomyślnie przeniesiono
C:\Documents and Settings\CoolPizza\Ustawienia lokalne\Dane aplikacji\UserProducts.xml => pomyślnie przeniesiono
C:\Program Files\Common Files\Subgodom => pomyślnie przeniesiono
C:\WINDOWS\system32\findit.xml => pomyślnie przeniesiono
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => pomyślnie przeniesiono

========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0B451150-3691-41C6-9AD0-B7CC164A02C2} /f =========


Operacja ukończona pomyślnie


========= Koniec  Reg: =========


========= reg delete HKLM\SOFTWARE\Mozilla /f =========


Operacja ukończona pomyślnie


========= Koniec  Reg: =========


========= reg delete HKLM\SOFTWARE\MozillaPlugins /f =========


Operacja ukończona pomyślnie


========= Koniec  Reg: =========


========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f =========


Operacja ukończona pomyślnie


========= Koniec  Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f =========


Operacja ukończona pomyślnie


========= Koniec  Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f =========


Operacja ukończona pomyślnie


========= Koniec  Reg: =========


========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========


Błąd: system nie może odnaleźć określonego klucza rejestru lub wartości.


========= Koniec  Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========


Operacja ukończona pomyślnie


========= Koniec  Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========


Operacja ukończona pomyślnie


========= Koniec  Reg: =========

EmptyTemp: => 1.8 GB danych tymczasowych Usunięto.


System wymagał restartu.

==== Koniec  Fixlog 11:25:55 ====