Rezultat naprawy Farbar Recovery Scan Tool (x86) Wersja:07-11-2015
Uruchomiony przez Admin (2015-11-08 10:20:03) Run:1
Uruchomiony z D:\FixIt\Nowy folder
Załadowane profile: Admin (Dostępne profile: Admin)
Tryb startu: Normal

==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
CMD: type "C:\Program Files\Google\Chrome\Application\chrome.bat"
CMD: type "C:\Program Files\Internet Explorer\iexplore.bat"
CMD: type "C:\Program Files\Mozilla Firefox\firefox.bat"
CMD: type "D:\Gry\The Elder Scrolls V - Skyrim\Launcher.bat"
CMD: type C:\ProgramData\ntuser.pol
CMD: type C:\Windows\system32\GroupPolicy\Machine\registry.pol
R1 swsedrvr_vt_1_10_0_25; system32\drivers\swsedrvr_vt_1_10_0_25.sys [X]
HKLM\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,,c:\program files\microsoft\desktoplayer.exe
Task: {0FD70C32-99B2-42C4-AD94-7F292329F9BF} - System32\Tasks\Update Service for Torrent Search2 => C:\Program Files\Torrent Search\aH8A6wF.exe [2015-10-09] () <==== UWAGA
Task: {C401C558-7A50-420D-9AA0-F41DADA9D9A1} - System32\Tasks\Rerun service for Torrent Search => C:\Users\Admin\AppData\Local\Temp\TorrentSearch_restartonfail_exe\ts_10051.exe [2015-11-07] (Company Inc.) <==== UWAGA
Task: {D709D175-8215-4D7E-A87F-A1C6511FE329} - System32\Tasks\MyBrowser => C:\Program Files\MyBrowser\MyBrowser\Application\utility.exe <==== UWAGA
Task: C:\Windows\Tasks\MyBrowser.job => C:\Program Files\MyBrowser\MyBrowser\Application\utility.exe <==== UWAGA
Task: C:\Windows\Tasks\Rerun service for Torrent Search.job => C:\Users\Admin\AppData\Local\Temp\TorrentSearch_restartonfail_exe\ts_10051.exe <==== UWAGA
Task: C:\Windows\Tasks\Update Service for Torrent Search2.job => C:\Program Files\Torrent Search\aH8A6wF.exe <==== UWAGA
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
SearchScopes: HKU\S-1-5-21-4127351139-3218798602-2645746064-1000 -> {14EFDE6B-62CA-4401-AF62-15BE2616AE74} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms}
BHO: TSearch -> {6E727987-C8EA-44DA-8749-310C0FBE3C3E} -> C:\Program Files\Torrent Search\IEEF\ojUkrz57aC.dll [2015-10-09] ()
FF Session Restore: -> [funkcja włączona]
FF Extension: TSearch - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\90i9q7et.default\Extensions\{6E727987-C8EA-44DA-8749-310C0FBE3C3E} [2015-11-07] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-4127351139-3218798602-2645746064-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
C:\Torrentex
C:\Program Files\Google\Chrome\Application\chrome.bat
C:\Program Files\Internet Explorer\iexplore.bat
C:\Program Files\microsoft
C:\Program Files\Mozilla Firefox\firefox.bat
C:\Program Files\Torrent Search
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\G??gl? ?hr?m?.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??zill? Fir?f??.lnk
C:\Users\Admin\AppData\Local\MyBrowser
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G??gl? ?hr?m?.lnk
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\L?un?h Int?rn?t ??pl?r?r ?r?ws?r.lnk
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MyBrowser.lnk
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G??gl? ?hr?m?.lnk
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\??zill? Fir?f??.lnk
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Int?rn?t ??pl?r?r (N? ?dd-?ns).lnk
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rn?t ??pl?r?r.lnk
C:\Users\Public\Desktop\G??gl? ?hr?m?.lnk
C:\Users\Admin\Downloads\Torrentex
C:\Windows\ExplorerSrv.exe
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\swsesrvc_1.10.0.25" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SMSetup" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f
CMD: netsh advfirewall reset
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.

=========  type "C:\Program Files\Google\Chrome\Application\chrome.bat" =========

start "" /I /B /D"C:\PROGRA~1\Google\Chrome\APPLIC~1\" "C:\PROGRA~1\Google\Chrome\APPLIC~1\chrome.exe" "http://pagego.ru/?from=mru1"

========= Koniec  CMD: =========


=========  type "C:\Program Files\Internet Explorer\iexplore.bat" =========

start "" /I /B /D"C:\PROGRA~1\INTERN~1\" "C:\PROGRA~1\INTERN~1\iexplore.exe" "http://pagego.ru/?from=mru1"

========= Koniec  CMD: =========


=========  type "C:\Program Files\Mozilla Firefox\firefox.bat" =========

start "" /I /B /D"C:\PROGRA~1\MOZILL~1\" "C:\PROGRA~1\MOZILL~1\firefox.exe" "http://pagego.ru/?from=mru1"

========= Koniec  CMD: =========


=========  type "D:\Gry\The Elder Scrolls V - Skyrim\Launcher.bat" =========

start "" /I /B /D"D:\Gry\THEELD~1\" "D:\Gry\THEELD~1\Launcher.exe" "http://pagego.ru/?from=mru1"

========= Koniec  CMD: =========


=========  type C:\ProgramData\ntuser.pol =========

PReg   [ S o f t w a r e \ P o l i c i e s \ M i c r o s o f t \ W i n d o w s \ G r o u p   P o l i c y   O b j e c t s \ L o k a l n e   z a s a d y   g r u p y   ; * * C o m m e n t : G P O   N a m e :   L o k a l n e   z a s a d y   g r u p y   ;    ;     ; ] [ S o f t w a r e \ P o l i c i e s \ G o o g l e \ C h r o m e \ E x t e n s i o n I n s t a l l W h i t e l i s t   ; * * d e l v a l s .   ;    ;    ;     ] [ S o f t w a r e \ P o l i c i e s \ G o o g l e \ C h r o m e \ E x t e n s i o n I n s t a l l W h i t e l i s t   ; 1   ;    ; B   ; a d p l c h o j b n c e l e i e i l g g n p c e i k j e a p j g   ] 
========= Koniec  CMD: =========


=========  type C:\Windows\system32\GroupPolicy\Machine\registry.pol =========

PReg   [ S o f t w a r e \ P o l i c i e s \ G o o g l e \ C h r o m e \ E x t e n s i o n I n s t a l l W h i t e l i s t   ; * * d e l v a l s .   ;    ;    ;     ] [ S o f t w a r e \ P o l i c i e s \ G o o g l e \ C h r o m e \ E x t e n s i o n I n s t a l l W h i t e l i s t   ; 1   ;    ; B   ; a d p l c h o j b n c e l e i e i l g g n p c e i k j e a p j g   ] [ S o f t w a r e \ P o l i c i e s \ C h r o m i u m \ E x t e n s i o n I n s t a l l W h i t e l i s t   ; 1   ;    ; B   ; c k d n m k b a n b a m p n i f p d d c f d p h o n m f i b k b   ] 
========= Koniec  CMD: =========

swsedrvr_vt_1_10_0_25 => serwis pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wartość pomyślnie usunięto
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FD70C32-99B2-42C4-AD94-7F292329F9BF} => klucz nie znaleziono. 
C:\Windows\System32\Tasks\Update Service for Torrent Search2 => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service for Torrent Search2" => klucz pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C401C558-7A50-420D-9AA0-F41DADA9D9A1} => klucz nie znaleziono. 
C:\Windows\System32\Tasks\Rerun service for Torrent Search => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Rerun service for Torrent Search => klucz nie znaleziono. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D709D175-8215-4D7E-A87F-A1C6511FE329}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D709D175-8215-4D7E-A87F-A1C6511FE329}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\MyBrowser => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MyBrowser" => klucz pomyślnie usunięto
C:\Windows\Tasks\MyBrowser.job => pomyślnie przeniesiono
C:\Windows\Tasks\Rerun service for Torrent Search.job => nie znaleziono.
C:\Windows\Tasks\Update Service for Torrent Search2.job => pomyślnie przeniesiono
C:\Windows\system32\GroupPolicy\Machine => pomyślnie przeniesiono
C:\Windows\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
"HKLM\SOFTWARE\Policies\Google" => klucz pomyślnie usunięto
"HKU\S-1-5-21-4127351139-3218798602-2645746064-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{14EFDE6B-62CA-4401-AF62-15BE2616AE74}" => klucz pomyślnie usunięto
HKCR\CLSID\{14EFDE6B-62CA-4401-AF62-15BE2616AE74} => klucz nie znaleziono. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E727987-C8EA-44DA-8749-310C0FBE3C3E}" => klucz pomyślnie usunięto
"HKCR\CLSID\{6E727987-C8EA-44DA-8749-310C0FBE3C3E}" => klucz pomyślnie usunięto
FF Session Restore: -> pomyślnie usunięto
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\90i9q7et.default\Extensions\{6E727987-C8EA-44DA-8749-310C0FBE3C3E} => pomyślnie przeniesiono
HKLM\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => Wartość pomyślnie usunięto
HKU\S-1-5-21-4127351139-3218798602-2645746064-1000\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => Wartość pomyślnie usunięto
"C:\Torrentex" => nie znaleziono.
C:\Program Files\Google\Chrome\Application\chrome.bat => pomyślnie przeniesiono
C:\Program Files\Internet Explorer\iexplore.bat => pomyślnie przeniesiono
C:\Program Files\microsoft => pomyślnie przeniesiono
C:\Program Files\Mozilla Firefox\firefox.bat => pomyślnie przeniesiono
C:\Program Files\Torrent Search => pomyślnie przeniesiono

=========== "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\G??gl? ?hr?m?.lnk" ==========

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Gооglе Сhrоmе.lnk => pomyślnie przeniesiono

========= Koniec -> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\G??gl? ?hr?m?.lnk" ========


=========== "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??zill? Fir?f??.lnk" ==========

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk => pomyślnie przeniesiono

========= Koniec -> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??zill? Fir?f??.lnk" ========

C:\Users\Admin\AppData\Local\MyBrowser => pomyślnie przeniesiono

=========== "C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G??gl? ?hr?m?.lnk" ==========

C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk => pomyślnie przeniesiono

========= Koniec -> "C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G??gl? ?hr?m?.lnk" ========


=========== "C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\L?un?h Int?rn?t ??pl?r?r ?r?ws?r.lnk" ==========

C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk => pomyślnie przeniesiono

========= Koniec -> "C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\L?un?h Int?rn?t ??pl?r?r ?r?ws?r.lnk" ========

C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MyBrowser.lnk => pomyślnie przeniesiono

=========== "C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G??gl? ?hr?m?.lnk" ==========

C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk => pomyślnie przeniesiono

========= Koniec -> "C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G??gl? ?hr?m?.lnk" ========


=========== "C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\??zill? Fir?f??.lnk" ==========

C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk => pomyślnie przeniesiono

========= Koniec -> "C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\??zill? Fir?f??.lnk" ========


=========== "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Int?rn?t ??pl?r?r (N? ?dd-?ns).lnk" ==========

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехplоrеr (Nо Аdd-оns).lnk => pomyślnie przeniesiono

========= Koniec -> "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Int?rn?t ??pl?r?r (N? ?dd-?ns).lnk" ========


=========== "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rn?t ??pl?r?r.lnk" ==========

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk => pomyślnie przeniesiono

========= Koniec -> "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rn?t ??pl?r?r.lnk" ========


=========== "C:\Users\Public\Desktop\G??gl? ?hr?m?.lnk" ==========

C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk => pomyślnie przeniesiono

========= Koniec -> "C:\Users\Public\Desktop\G??gl? ?hr?m?.lnk" ========

C:\Users\Admin\Downloads\Torrentex => pomyślnie przeniesiono
C:\Windows\ExplorerSrv.exe => pomyślnie przeniesiono

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\swsesrvc_1.10.0.25" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SMSetup" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


=========  netsh advfirewall reset =========

Ok.


========= Koniec  CMD: =========

EmptyTemp: => 1.6 GB danych tymczasowych Usunięto.


System wymagał restartu.

==== Koniec  Fixlog 10:21:11 ====