Rezultat naprawy Farbar Recovery Scan Tool (x86) Wersja: 30-09-2016
Uruchomiony przez vengador (01-10-2016 16:33:35) Run:4
Uruchomiony z C:\Users\vengador\Desktop\FRST + GMER
Załadowane profile: vengador (Dostępne profile: vengador)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
Zip: C:\Windows\system32\GroupPolicy
C:\Windows\system32\GroupPolicy
WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA
HKU\S-1-5-21-4173278026-601312190-193035093-1000\...\Run: [BingSvc] => C:\Users\vengador\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-12-07] (© 2015 Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2016-09-28] ()
S3 catchme; \??\C:\Users\vengador\AppData\Local\Temp\catchme.sys [X]
S2 CkerloyClient; C:\Program Files\Aromocult\Kogeghtvojilemdl.dll [X]
S3 cpuz134; \??\C:\Users\vengador\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 kisnetm; \??\c:\program files\kingsoft\kingsoft antivirus\security\ksnetm\kisnetm.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AeroadminService => ""="Service"
Task: {003E6061-2EA1-46A5-A7CC-57C9C1374B38} - System32\Tasks\{2C7F69D8-79B9-4287-A72D-5CD34EC62B7E} => pcalua.exe -a C:\Users\vengador\Downloads\iStar.exe -d C:\Users\vengador\Downloads
Task: {1AB99961-DF7D-4FB5-AE8C-771EC90FBD25} - System32\Tasks\Driver Restore-RTMUpdater => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe
Task: {20C669E0-0A1A-42C4-8625-9D825B340A45} - System32\Tasks\{E0BFA41F-2D33-4B39-9652-D589A5B681F0} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/pl/go/help.faq.installer?source=lightinstaller&LastError=1638
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Brak pliku <==== UWAGA
Task: {2C9F7EDC-D9B2-4307-BA06-AA9B4A1B490A} - System32\Tasks\{62407798-82CF-4C2A-98BB-E09473309398} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.59.105/pl/go/help.faq.installer?LastError=1638
Task: {33DD72F6-B038-48F7-93CD-9DBED5952B36} - System32\Tasks\Driver Restore-RTMScanRunOnce => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe
Task: {3A09AC2E-EF6E-48CA-80F8-8A9E3403C8F5} - System32\Tasks\{65058402-B5FB-4304-BD31-CA5B21B0DF4F} => C:\Program Files\Essentware\PCKAV\PCKAV.exe
Task: {3A6A94FF-6B86-414C-8CA6-6D0E74C117AB} - System32\Tasks\{2F3B0F8A-8E4D-4C68-83BD-BC5FBAE9C7CB} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe"
Task: {3BED1D22-16DB-40E0-8E39-2417843C202B} - System32\Tasks\Driver Restore-RTMScan => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe
Task: {3C075601-2ECE-4603-A50A-315E5D98D542} - System32\Tasks\Opera scheduled Autoupdate 1435081354 => C:\Program Files\Opera\launcher.exe
Task: {4012C96D-FA48-4C57-B8DE-8A034A00A365} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {445E124D-8AD6-403C-A809-D9CBC293662F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Brak pliku <==== UWAGA
Task: {489C18CD-9C86-4753-9AD6-F62E80249FDB} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {5002B4E1-93CA-4092-8E2E-71AEE41D0747} - System32\Tasks\{F1D5C380-FD57-424D-BF8E-CF2B8308B69F} => pcalua.exe -a C:\Users\vengador\Documents\adwcleaner_3.310\adwcleaner_3.310_www.INSTALKI.pl.exe -d C:\Users\vengador\Documents\adwcleaner_3.310
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Brak pliku <==== UWAGA
Task: {6C9F0A31-B8F6-4959-BBBC-64467B6188D5} - System32\Tasks\{ECD507A8-2EC2-4527-8AAA-BE45CD2548D4} => C:\Users\vengador\Documents\DCC-E2_original\VCC-E2\DCC-E2_original.exe
Task: {815E3312-3BE3-4EFD-9DD2-84BF66255144} - System32\Tasks\Driver Restore-RTMRules => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe
Task: {8720C8A5-BB6B-4191-97F1-B51F4500B690} - System32\Tasks\{C2813ABB-4A41-4F03-8E7D-9CC1AFE34C40} => C:\ProgramData\dQgCHYo\dat\SetjbJ.exe
Task: {8C718454-4770-4EA4-B80A-70C330087E6D} - System32\Tasks\Ckerloy Client => C:\Program Files\Aromocult\plagudom.exe
Task: {91DB217B-A8DF-4EF6-982F-BAC7DE6A9172} - System32\Tasks\{CEE0BB73-2B96-46B9-A79C-64BFCF275308} => C:\Program Files\Essentware\PCKAV\PCKAV.exe
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Brak pliku <==== UWAGA
Task: {A124291D-AB07-4715-8A13-35A9BBA5FE5D} - System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 => C:\Users\vengador\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== UWAGA
Task: {A75676C5-DF58-4129-A0D8-E1708FAAE01A} - System32\Tasks\EOZZZH => C:\Users\vengador\AppData\Roaming\EOZZZH.exe <==== UWAGA
Task: {ABE2F158-E3FA-408D-888B-1554E42052FB} - System32\Tasks\{DF826E43-626E-4816-A5F4-E9E532306CE4} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {AE31856F-768B-4416-91DE-A9FC0E5C0E5B} - System32\Tasks\ZFNENS => C:\ProgramData\75b516f7def3449383a44752d9f6e6a9\75b516f7def3449383a44752d9f6e6a9.exe <==== UWAGA
Task: {B916BDCD-47AD-44E2-9710-E856FE0F908F} - System32\Tasks\{A64C62FD-E489-4FD1-A9E4-100DF1F88AB6} => C:\Users\vengador\Documents\DCC-E2_original\VCC-E2\DCC-E2_original.exe
Task: {BE39FEF5-07F6-4AF4-BAE9-3E9E39D28BE2} - System32\Tasks\{83767AE3-1A21-47AF-BF20-B1CBE4672D71} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/pl/go/help.faq.installer?LastError=1638
Task: {C08D62A7-2E59-4505-B43A-15790D71D202} - System32\Tasks\{1ED364EA-EB60-4415-B56D-1B5236BCEBAE} => C:\ProgramData\dQgCHYo\dat\SetjbJ.exe
Task: {C1EFCBA5-D778-4A58-A855-C3DDFA9043A8} - System32\Tasks\{EFD48EA0-E8E7-49D9-9193-C0AD6DE071AC} => pcalua.exe -a C:\Users\vengador\Downloads\sp67283.exe -d C:\Users\vengador\Downloads
Task: {CE1DACB0-0D1F-4D3B-8926-B4AFE3772388} - \SimpleFiles Installer Starter -> Brak pliku <==== UWAGA
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> Brak pliku <==== UWAGA
Task: {DE30B5FF-5C3F-4A8E-95A3-F3E64850CB32} - System32\Tasks\{D2027F53-DA84-4C76-9F69-37CF6109984A} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/pl/abandoninstall?page=tsMain
Task: {F032786C-ED67-458F-B06B-6835B4F3C7A2} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Brak pliku <==== UWAGA
Task: {F3A41A68-6244-4FC8-8BC2-1D72AF61C287} - System32\Tasks\{BCD45918-03EC-4419-AEE0-167CC9AF92E2} => pcalua.exe -a "C:\Program Files\VAP11G\VAP11G_Setup.exe" -d "C:\Program Files\VAP11G"
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-4173278026-601312190-193035093-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4173278026-601312190-193035093-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM -> Domyślne = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4173278026-601312190-193035093-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
DeleteKey: HKCU\Software\Mozilla
DeleteKey: HKCU\Software\MozillaPlugins
DeleteKey: HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome.6DIE5Y5PZSICHS6GHHHPJHQQB4
DeleteKey: HKLM\SOFTWARE\Mozilla
DeleteKey: HKLM\SOFTWARE\mozilla.org
DeleteKey: HKLM\SOFTWARE\MozillaPlugins
DeleteKey: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main
DeleteKey: HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main
DeleteKey: HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main
DeleteKey: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes
Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f
Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f
Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f
Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v DisplayName /t REG_SZ /d "@ieframe.dll,-12512" /f
C:\Program Files\c0db8e320ddb3efa0e6fccc295ebd1ba
C:\Program Files\Enigma Software Group
C:\Program Files\Plumbytes Software
C:\ProgramData\Aeroadmin
C:\sh4ldr
C:\TOSTACK
C:\Users\vengador\AppData\Local\Temp-log.txt
C:\Users\vengador\AppData\Local\l3hjpSfeReLyvxXn1o
C:\Users\vengador\AppData\Local\brave
C:\Users\vengador\AppData\Local\Enigma-TV
C:\Users\vengador\AppData\Local\iDeerApp
C:\Users\vengador\AppData\Local\SquirrelTemp
C:\Users\vengador\AppData\Local\Microsoft\BingSvc
C:\Users\vengador\AppData\Roaming\agent.dat
C:\Users\vengador\AppData\Roaming\BYAIAMUF
C:\Users\vengador\AppData\Roaming\CDDXPOC
C:\Users\vengador\AppData\Roaming\EOZZZH
C:\Users\vengador\AppData\Roaming\GiftBag.db
C:\Users\vengador\AppData\Roaming\GYMDSNeucwSTMTOdohUM7a2FZV
C:\Users\vengador\AppData\Roaming\Installer.dat
C:\Users\vengador\AppData\Roaming\Main.dat
C:\Users\vengador\AppData\Roaming\OYH
C:\Users\vengador\AppData\Roaming\WB.CFG
C:\Users\vengador\AppData\Roaming\Z2jBPDz3TkPktFmEsYYLs4
C:\Users\vengador\AppData\Roaming\AVAST Software
C:\Users\vengador\AppData\Roaming\brave
C:\Users\vengador\AppData\Roaming\Maxthon3
C:\Users\vengador\AppData\Roaming\Mozilla
C:\Users\vengador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\搜狐影音.lnk
C:\Users\vengador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\搜狐影音.lnk
C:\Users\vengador\AppData\Roaming\Microsoft\Windows\SendTo\Android (ALLPlayer Pilot).lnk
C:\Users\vengador\Start Menu\Programs\SpyHunter
C:\Users\vengador\Documents\AeroAdmin.exe
C:\Users\vengador\Documents\RegRun2
C:\Users\Public\Documents\regruninfo
C:\Windows\6ec8f5c044a5a5ed090cc09f2c292fe8.exe
C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
C:\Windows\REIMAGE.del
C:\Windows\winstart.bat
C:\Windows\system32\kz.exe
C:\Windows\system32\PARTIZAN.TXT
C:\Windows\system32\Drivers\90037500ac042c37edb2789a3b12ac68.sys
C:\Windows\system32\Drivers\EsgScanner.sys
C:\Windows\system32\log
Folder: C:\Program Files\Common Files\AV
CMD: netsh advfirewall reset
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
================== Zip: ===================
"C:\Windows\system32\GroupPolicy" -> nie znaleziono
=========== Zip: Koniec ===========
"C:\Windows\system32\GroupPolicy" => nie znaleziono.
WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA => nie znaleziono
HKU\S-1-5-21-4173278026-601312190-193035093-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => Wartość nie znaleziono.
AppMgmt => serwis nie znaleziono.
EsgScanner => serwis nie znaleziono.
catchme => serwis nie znaleziono.
CkerloyClient => serwis nie znaleziono.
cpuz134 => serwis nie znaleziono.
esgiguard => serwis nie znaleziono.
kisnetm => serwis nie znaleziono.
Partizan => serwis nie znaleziono.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\AeroadminService => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{003E6061-2EA1-46A5-A7CC-57C9C1374B38} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{2C7F69D8-79B9-4287-A72D-5CD34EC62B7E} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2C7F69D8-79B9-4287-A72D-5CD34EC62B7E} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AB99961-DF7D-4FB5-AE8C-771EC90FBD25} => klucz nie znaleziono.
C:\Windows\System32\Tasks\Driver Restore-RTMUpdater => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Restore-RTMUpdater => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20C669E0-0A1A-42C4-8625-9D825B340A45} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{E0BFA41F-2D33-4B39-9652-D589A5B681F0} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E0BFA41F-2D33-4B39-9652-D589A5B681F0} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9F7EDC-D9B2-4307-BA06-AA9B4A1B490A} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{62407798-82CF-4C2A-98BB-E09473309398} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{62407798-82CF-4C2A-98BB-E09473309398} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33DD72F6-B038-48F7-93CD-9DBED5952B36} => klucz nie znaleziono.
C:\Windows\System32\Tasks\Driver Restore-RTMScanRunOnce => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Restore-RTMScanRunOnce => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A09AC2E-EF6E-48CA-80F8-8A9E3403C8F5} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{65058402-B5FB-4304-BD31-CA5B21B0DF4F} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{65058402-B5FB-4304-BD31-CA5B21B0DF4F} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A6A94FF-6B86-414C-8CA6-6D0E74C117AB} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{2F3B0F8A-8E4D-4C68-83BD-BC5FBAE9C7CB} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2F3B0F8A-8E4D-4C68-83BD-BC5FBAE9C7CB} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BED1D22-16DB-40E0-8E39-2417843C202B} => klucz nie znaleziono.
C:\Windows\System32\Tasks\Driver Restore-RTMScan => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Restore-RTMScan => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C075601-2ECE-4603-A50A-315E5D98D542} => klucz nie znaleziono.
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1435081354 => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1435081354 => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4012C96D-FA48-4C57-B8DE-8A034A00A365} => klucz nie znaleziono.
C:\Windows\System32\Tasks\SpyHunter4Startup => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{445E124D-8AD6-403C-A809-D9CBC293662F} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{489C18CD-9C86-4753-9AD6-F62E80249FDB} => klucz nie znaleziono.
C:\Windows\System32\Tasks\GridinSoft Anti-Malware => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GridinSoft Anti-Malware => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5002B4E1-93CA-4092-8E2E-71AEE41D0747} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{F1D5C380-FD57-424D-BF8E-CF2B8308B69F} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F1D5C380-FD57-424D-BF8E-CF2B8308B69F} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B184694-64C3-4633-94C5-945B3FA561D6} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C9F0A31-B8F6-4959-BBBC-64467B6188D5} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{ECD507A8-2EC2-4527-8AAA-BE45CD2548D4} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ECD507A8-2EC2-4527-8AAA-BE45CD2548D4} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{815E3312-3BE3-4EFD-9DD2-84BF66255144} => klucz nie znaleziono.
C:\Windows\System32\Tasks\Driver Restore-RTMRules => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Restore-RTMRules => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8720C8A5-BB6B-4191-97F1-B51F4500B690} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{C2813ABB-4A41-4F03-8E7D-9CC1AFE34C40} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C2813ABB-4A41-4F03-8E7D-9CC1AFE34C40} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C718454-4770-4EA4-B80A-70C330087E6D} => klucz nie znaleziono.
C:\Windows\System32\Tasks\Ckerloy Client => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ckerloy Client => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91DB217B-A8DF-4EF6-982F-BAC7DE6A9172} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{CEE0BB73-2B96-46B9-A79C-64BFCF275308} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CEE0BB73-2B96-46B9-A79C-64BFCF275308} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F54B95F-5096-4803-AE61-E9B3AC5B616D} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A124291D-AB07-4715-8A13-35A9BBA5FE5D} => klucz nie znaleziono.
C:\Windows\System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c91fcc2-ce59-42b3-b901-f68079520898 => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A75676C5-DF58-4129-A0D8-E1708FAAE01A} => klucz nie znaleziono.
C:\Windows\System32\Tasks\EOZZZH => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOZZZH => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ABE2F158-E3FA-408D-888B-1554E42052FB} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{DF826E43-626E-4816-A5F4-E9E532306CE4} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DF826E43-626E-4816-A5F4-E9E532306CE4} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE31856F-768B-4416-91DE-A9FC0E5C0E5B} => klucz nie znaleziono.
C:\Windows\System32\Tasks\ZFNENS => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ZFNENS => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B916BDCD-47AD-44E2-9710-E856FE0F908F} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{A64C62FD-E489-4FD1-A9E4-100DF1F88AB6} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A64C62FD-E489-4FD1-A9E4-100DF1F88AB6} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE39FEF5-07F6-4AF4-BAE9-3E9E39D28BE2} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{83767AE3-1A21-47AF-BF20-B1CBE4672D71} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{83767AE3-1A21-47AF-BF20-B1CBE4672D71} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C08D62A7-2E59-4505-B43A-15790D71D202} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{1ED364EA-EB60-4415-B56D-1B5236BCEBAE} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1ED364EA-EB60-4415-B56D-1B5236BCEBAE} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1EFCBA5-D778-4A58-A855-C3DDFA9043A8} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{EFD48EA0-E8E7-49D9-9193-C0AD6DE071AC} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EFD48EA0-E8E7-49D9-9193-C0AD6DE071AC} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE1DACB0-0D1F-4D3B-8926-B4AFE3772388} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SimpleFiles Installer Starter => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21F6024-191F-4454-BBBC-09A650DA2549} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE30B5FF-5C3F-4A8E-95A3-F3E64850CB32} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{D2027F53-DA84-4C76-9F69-37CF6109984A} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D2027F53-DA84-4C76-9F69-37CF6109984A} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F032786C-ED67-458F-B06B-6835B4F3C7A2} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3A41A68-6244-4FC8-8BC2-1D72AF61C287} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{BCD45918-03EC-4419-AEE0-167CC9AF92E2} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BCD45918-03EC-4419-AEE0-167CC9AF92E2} => klucz nie znaleziono.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => klucz nie znaleziono.
HKU\S-1-5-21-4173278026-601312190-193035093-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => klucz nie znaleziono.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-4173278026-601312190-193035093-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Wartość nie znaleziono.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => klucz pomyślnie usunięto
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono.
HKU\S-1-5-21-4173278026-601312190-193035093-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => klucz nie znaleziono.
HKCR\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => klucz nie znaleziono.
HKCU\Software\Mozilla => klucz nie znaleziono.
HKCU\Software\MozillaPlugins => klucz nie znaleziono.
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome.6DIE5Y5PZSICHS6GHHHPJHQQB4 => klucz nie znaleziono.
HKLM\SOFTWARE\Mozilla => klucz nie znaleziono.
HKLM\SOFTWARE\mozilla.org => klucz nie znaleziono.
HKLM\SOFTWARE\MozillaPlugins => klucz nie znaleziono.
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main => klucz nie znaleziono.
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main => klucz nie znaleziono.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main => klucz nie znaleziono.
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes => klucz nie znaleziono.
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes => klucz nie znaleziono.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes => klucz nie znaleziono.

========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f =========
Operacja ukończona pomyślnie.
========= Koniec Reg: =========

========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f =========
Operacja ukończona pomyślnie.
========= Koniec Reg: =========

========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f =========
Operacja ukończona pomyślnie.
========= Koniec Reg: =========

========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v DisplayName /t REG_SZ /d "@ieframe.dll,-12512" /f =========
Operacja ukończona pomyślnie.
========= Koniec Reg: =========

"C:\Program Files\c0db8e320ddb3efa0e6fccc295ebd1ba" => nie znaleziono.
"C:\Program Files\Enigma Software Group" => nie znaleziono.
"C:\Program Files\Plumbytes Software" => nie znaleziono.
"C:\ProgramData\Aeroadmin" => nie znaleziono.
"C:\sh4ldr" => nie znaleziono.
"C:\TOSTACK" => nie znaleziono.
"C:\Users\vengador\AppData\Local\Temp-log.txt" => nie znaleziono.
"C:\Users\vengador\AppData\Local\l3hjpSfeReLyvxXn1o" => nie znaleziono.
"C:\Users\vengador\AppData\Local\brave" => nie znaleziono.
"C:\Users\vengador\AppData\Local\Enigma-TV" => nie znaleziono.
"C:\Users\vengador\AppData\Local\iDeerApp" => nie znaleziono.
"C:\Users\vengador\AppData\Local\SquirrelTemp" => nie znaleziono.
"C:\Users\vengador\AppData\Local\Microsoft\BingSvc" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\agent.dat" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\BYAIAMUF" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\CDDXPOC" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\EOZZZH" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\GiftBag.db" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\GYMDSNeucwSTMTOdohUM7a2FZV" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\Installer.dat" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\Main.dat" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\OYH" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\WB.CFG" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\Z2jBPDz3TkPktFmEsYYLs4" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\AVAST Software" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\brave" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\Maxthon3" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\Mozilla" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\搜狐影音.lnk" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\搜狐影音.lnk" => nie znaleziono.
"C:\Users\vengador\AppData\Roaming\Microsoft\Windows\SendTo\Android (ALLPlayer Pilot).lnk" => nie znaleziono.
"C:\Users\vengador\Start Menu\Programs\SpyHunter" => nie znaleziono.
"C:\Users\vengador\Documents\AeroAdmin.exe" => nie znaleziono.
"C:\Users\vengador\Documents\RegRun2" => nie znaleziono.
"C:\Users\Public\Documents\regruninfo" => nie znaleziono.
"C:\Windows\6ec8f5c044a5a5ed090cc09f2c292fe8.exe" => nie znaleziono.
"C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP" => nie znaleziono.
"C:\Windows\REIMAGE.del" => nie znaleziono.
"C:\Windows\winstart.bat" => nie znaleziono.
"C:\Windows\system32\kz.exe" => nie znaleziono.
"C:\Windows\system32\PARTIZAN.TXT" => nie znaleziono.
"C:\Windows\system32\Drivers\90037500ac042c37edb2789a3b12ac68.sys" => nie znaleziono.
"C:\Windows\system32\Drivers\EsgScanner.sys" => nie znaleziono.
C:\Windows\system32\log => pomyślnie przeniesiono

========================= Folder: C:\Program Files\Common Files\AV ========================
2016-09-28 12:57 - 2016-09-28 13:45 - 0000000 ____D () C:\Program Files\Common Files\AV\avast! Antivirus
2016-09-28 12:57 - 2016-09-28 13:31 - 0004127 _____ () C:\Program Files\Common Files\AV\avast! Antivirus\userdata.cab
====== Koniec Folder: ======

========= netsh advfirewall reset =========
Ok.
========= Koniec CMD: =========

=========== EmptyTemp: ==========
BITS transfer queue => 12582912 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3658187 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 44384 B
Edge => 0 B
Chrome => 10037967 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 844 B
vengador => 17847 B
RecycleBin => 31573 B
EmptyTemp: => 25.2 MB danych tymczasowych Usunięto.
================================

System wymagał restartu.
==== Koniec Fixlog 16:41:30 ====