Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:13-12-2015
Uruchomiony przez K.K (2015-12-14 20:59:23) Run:3
Uruchomiony z D:\frst
Załadowane profile: K.K (Dostępne profile: K.K & fbwuser)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
ShortcutWithArgument: C:\Users\K.K\Desktop\Osoba 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7 <==== UWAGA
ShortcutWithArgument: C:\Users\K.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7 <==== UWAGA
ShortcutWithArgument: C:\Users\K.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7 <==== UWAGA
ShortcutWithArgument: C:\Users\K.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7 <==== UWAGA
ShortcutWithArgument: C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7 <==== UWAGA
ShortcutWithArgument: C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7 <==== UWAGA
ShortcutWithArgument: C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7 <==== UWAGA
ShortcutWithArgument: C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7 <==== UWAGA
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7 <==== UWAGA
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7 <==== UWAGA
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7 <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://fr.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3868924982-3431921725-295582353-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fr.msn.com/
HKU\S-1-5-21-3868924982-3431921725-295582353-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-3868924982-3431921725-295582353-1000\Software\Microsoft\Internet Explorer\Main,Default_search_url = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3868924982-3431921725-295582353-1000 -> ${searchCLSID} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-3868924982-3431921725-295582353-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7&q={searchTerms}
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll Brak pliku
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\K.K\AppData\Roaming\Mozilla\Firefox\Profiles\mst0lead.default\extensions\default_newtabff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\K.K\AppData\Roaming\Mozilla\Firefox\Profiles\mst0lead.default\extensions\yahooprotected@gmail.com
FF HKU\S-1-5-21-3868924982-3431921725-295582353-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!341B4DA552FC349BC0E45BCE21DB54EA341B.js [2015-10-28] <==== UWAGA
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\341B4DA552FC349BC0E45BCE21DB54EA341B [2015-10-28] <==== UWAGA
CHR StartupUrls: Profile 1 -> "hxxp://www.google.pl/","hxxp://www.meteoprog.pl/pl/weather/Lubin/","hxxp://www.yoursites123.com/?type=hp&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7"
CHR DefaultSearchURL: Profile 1 -> hxxp://www.yoursites123.com/web/?type=ds&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> yoursites123
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7
StartMenuInternet: (HKLM) OperaStable - Opera.exe
R2 IhPul; C:\Users\K.K\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com)
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [170144 2015-11-27] (TODO: <???>)
R2 WdMan; C:\ProgramData\HWdMH\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego]
S2 ASGT; C:\Windows\SysWOW64\ASGT.exe [X]
S2 c2cautoupdatesvc; "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service [X]
S2 c2cpnrsvc; "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service [X]
S3 cleanhlp; \??\C:\Users\K.K\Downloads\EmsisoftEmergencyKit\Run\cleanhlp64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3868924982-3431921725-295582353-1000\...\Run: [Akamai NetSession Interface] => C:\Users\K.K\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
Task: {580287CD-FC20-4505-8CF4-980A2A46610A} - System32\Tasks\{5B1B5732-C3CA-48AF-962D-217DB6B5C5F5} => pcalua.exe -a "E:\Gry\Online\MU\ZhyperMU Season 6 Episode 3\Uninstall.exe" -d "E:\Gry\Online\MU\ZhyperMU Season 6 Episode 3"
Task: {6AB952E9-004C-4F6A-A55D-460CB9EE2AE3} - System32\Tasks\{2752E7D2-F786-432D-9AE5-F345122DBE82} => pcalua.exe -a C:\Users\K.K\Downloads\Defraggler(13314).exe -d C:\Users\K.K\Downloads
Task: {A97C6E31-7846-4154-B8BA-6E85A96159E1} - System32\Tasks\{F77D2B3E-2B5A-4488-96F8-A207F184BF9F} => pcalua.exe -a C:\Users\K.K\Downloads\WinSetupFromUSB-1-4_[www.programosy.pl].exe -d C:\Users\K.K\Downloads
Task: {D38A9C2F-91E1-4492-B692-7F219DDEC60F} - System32\Tasks\{7CAA966A-1107-4306-A84D-DE96169C4017} => pcalua.exe -a C:\Users\K.K\Downloads\vcredist_x64.exe -d C:\Users\K.K\Downloads
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
DeleteKey: HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
DeleteKey: HKCU\Software\dobreprogramy
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
DeleteKey: HKLM\SOFTWARE\Wow6432Node\yoursites123Software
RemoveDirectory: C:\Program Files (x86)\SFK
RemoveDirectory: C:\Program Files (x86)\WinZipper
RemoveDirectory: C:\ProgramData\HWdMH
RemoveDirectory: C:\ProgramData\JWdMJ
RemoveDirectory: C:\ProgramData\ZWMiniProZ
RemoveDirectory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker
RemoveDirectory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
RemoveDirectory: C:\Users\K.K\AppData\Roaming\TSv
RemoveDirectory: C:\Users\K.K\AppData\Roaming\WinZipper
RemoveDirectory: C:\Users\K.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall
RemoveDirectory: C:\Users\K.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks
C:\Program Files (x86)\GUTF660.tmp
C:\ProgramData\*.bin
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK\TP-LINK Wireless Configuration Utility.lnk
C:\Users\K.K\AppData\Roaming\amV0WmQAtpkvd7j8GJSqaxH3EOZ
C:\Users\K.K\AppData\Roaming\xHMF2bpf2C3tbii6zV9HPGxV
C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\StormFall.lnk
C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk
C:\Users\K.K\AppData\Roaming\Microsoft\Word\Rodion%20Romanowicz%20Raskolnikow303774011118245595\Rodion%20Romanowicz%20Raskolnikow.docx.lnk
C:\Users\K.K\Documents\Sport\Dziennik Posilkow MR BIG v4.60.LNK
C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
C:\Windows\SysWOW64\pl.html
CMD: netsh advfirewall reset
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
C:\Users\K.K\Desktop\Osoba 1 - Chrome.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\K.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk => Skrót - argument pomyślnie usunięto.
C:\Users\K.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\K.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Skrót - argument pomyślnie przywrócono
C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk => Skrót - argument pomyślnie usunięto.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Public\Desktop\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-3868924982-3431921725-295582353-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-3868924982-3431921725-295582353-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-3868924982-3431921725-295582353-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. 
"HKU\S-1-5-21-3868924982-3431921725-295582353-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}" => klucz pomyślnie usunięto
HKCR\CLSID\${searchCLSID} => klucz nie znaleziono. 
"HKU\S-1-5-21-3868924982-3431921725-295582353-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. 
"HKCR\PROTOCOLS\Handler\skypec2c" => klucz pomyślnie usunięto
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => klucz pomyślnie usunięto
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => Wartość pomyślnie usunięto
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\default_newtabff@gmail.com => Wartość pomyślnie usunięto
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\yahooprotected@gmail.com => Wartość pomyślnie usunięto
HKU\S-1-5-21-3868924982-3431921725-295582353-1000\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => Wartość pomyślnie usunięto
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono
C:\Program Files (x86)\mozilla firefox\defaults\pref\!341B4DA552FC349BC0E45BCE21DB54EA341B.js => pomyślnie przeniesiono
C:\Program Files (x86)\mozilla firefox\341B4DA552FC349BC0E45BCE21DB54EA341B => pomyślnie przeniesiono
Chrome StartupUrls => pomyślnie usunięto
Chrome DefaultSearchURL => pomyślnie usunięto
Chrome DefaultSearchKeyword => pomyślnie usunięto
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command\\Default => Wartość pomyślnie przywrócono
IhPul => serwis pomyślnie usunięto
SSFK => Usługa pomyślnie zatrzymana.
SSFK => serwis pomyślnie usunięto
WdMan => serwis pomyślnie usunięto
ASGT => serwis pomyślnie usunięto
c2cautoupdatesvc => serwis pomyślnie usunięto
c2cpnrsvc => serwis pomyślnie usunięto
cleanhlp => serwis pomyślnie usunięto
EagleX64 => serwis pomyślnie usunięto
esgiguard => serwis pomyślnie usunięto
NTIOLib_1_0_C => serwis pomyślnie usunięto
xhunter1 => serwis pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => Wartość pomyślnie usunięto
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => klucz nie znaleziono. 
HKU\S-1-5-21-3868924982-3431921725-295582353-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => Wartość pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{580287CD-FC20-4505-8CF4-980A2A46610A}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{580287CD-FC20-4505-8CF4-980A2A46610A}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\{5B1B5732-C3CA-48AF-962D-217DB6B5C5F5} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5B1B5732-C3CA-48AF-962D-217DB6B5C5F5}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AB952E9-004C-4F6A-A55D-460CB9EE2AE3}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AB952E9-004C-4F6A-A55D-460CB9EE2AE3}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\{2752E7D2-F786-432D-9AE5-F345122DBE82} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2752E7D2-F786-432D-9AE5-F345122DBE82}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A97C6E31-7846-4154-B8BA-6E85A96159E1}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A97C6E31-7846-4154-B8BA-6E85A96159E1}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\{F77D2B3E-2B5A-4488-96F8-A207F184BF9F} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F77D2B3E-2B5A-4488-96F8-A207F184BF9F}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D38A9C2F-91E1-4492-B692-7F219DDEC60F}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D38A9C2F-91E1-4492-B692-7F219DDEC60F}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\{7CAA966A-1107-4306-A84D-DE96169C4017} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7CAA966A-1107-4306-A84D-DE96169C4017}" => klucz pomyślnie usunięto
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp" => klucz pomyślnie usunięto
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys" => klucz pomyślnie usunięto
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp" => klucz pomyślnie usunięto
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys" => klucz pomyślnie usunięto
HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I => klucz pomyślnie usunięto
HKCU\Software\dobreprogramy => klucz pomyślnie usunięto
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię.
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 => klucz pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray => klucz pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC} => klucz pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\yoursites123Software => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię.
HKLM\SOFTWARE\Wow6432Node\yoursites123Software => klucz pomyślnie usunięto
"C:\Program Files (x86)\SFK" => pomyślnie usunięto.
"C:\Program Files (x86)\WinZipper" => pomyślnie usunięto.
"C:\ProgramData\HWdMH" => pomyślnie usunięto.
"C:\ProgramData\JWdMJ" => pomyślnie usunięto.
"C:\ProgramData\ZWMiniProZ" => pomyślnie usunięto.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker" => pomyślnie usunięto.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper" => nie znaleziono.
"C:\Users\K.K\AppData\Roaming\TSv" => pomyślnie usunięto.
"C:\Users\K.K\AppData\Roaming\WinZipper" => nie znaleziono.
"C:\Users\K.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall" => pomyślnie usunięto.
"C:\Users\K.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks" => pomyślnie usunięto.
C:\Program Files (x86)\GUTF660.tmp => pomyślnie przeniesiono

=========== "C:\ProgramData\*.bin" ==========

C:\ProgramData\1394307293.bdinstall.bin => pomyślnie przeniesiono
C:\ProgramData\1394307700.bdinstall.bin => pomyślnie przeniesiono
C:\ProgramData\1394310951.bdinstall.bin => pomyślnie przeniesiono

========= Koniec -> "C:\ProgramData\*.bin" ========

C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => pomyślnie przeniesiono
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK\TP-LINK Wireless Configuration Utility.lnk => pomyślnie przeniesiono
C:\Users\K.K\AppData\Roaming\amV0WmQAtpkvd7j8GJSqaxH3EOZ => pomyślnie przeniesiono
C:\Users\K.K\AppData\Roaming\xHMF2bpf2C3tbii6zV9HPGxV => pomyślnie przeniesiono
C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\StormFall.lnk => pomyślnie przeniesiono
C:\Users\K.K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk => pomyślnie przeniesiono
C:\Users\K.K\AppData\Roaming\Microsoft\Word\Rodion%20Romanowicz%20Raskolnikow303774011118245595\Rodion%20Romanowicz%20Raskolnikow.docx.lnk => pomyślnie przeniesiono
C:\Users\K.K\Documents\Sport\Dziennik Posilkow MR BIG v4.60.LNK => pomyślnie przeniesiono
C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk => pomyślnie przeniesiono
C:\Windows\SysWOW64\pl.html => pomyślnie przeniesiono

=========  netsh advfirewall reset =========

Ok.


========= Koniec  CMD: =========

EmptyTemp: => 3.7 GB danych tymczasowych Usunięto.


System wymagał restartu.

==== Koniec  Fixlog 21:01:09 ====