Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 17-10-2016
Uruchomiony przez User (22-10-2016 18:37:20) Run:1
Uruchomiony z C:\Users\User\Desktop
Załadowane profile: User (Dostępne profile: User)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\...\Run: [Application] => C:\Users\User\AppData\Roaming\app.exe [591360 2016-10-21] ()
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\...\Run: [AdobeBridge] => [X]
Task: {288CDC57-51D8-445B-B130-477AEA9AEA46} - System32\Tasks\Driver Booster SkipUAC (User) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {43BF71C1-6C50-47C1-97AE-580356B8E9A9} - System32\Tasks\{B6CAE659-5001-438C-8D0B-DCC5D7BDFD41} => Firefox.exe hxxp://ui.skype.com/ui/0/6.22.81.104/pl/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {5CC86CA8-62D0-4B14-A788-4EB1F95298AC} - System32\Tasks\{4CC226A8-4E0F-4C84-96F5-C3FF85A08F30} => pcalua.exe -a C:\Users\User\Desktop\PP1300WGDIWinx86_1611120PL\PP1300WGDIWinx86_1611120PL\setup.exe -d C:\Users\User\Desktop\PP1300WGDIWinx86_1611120PL\PP1300WGDIWinx86_1611120PL
Task: {68DE3ECE-3194-4ACC-B7F5-238E766DC16D} - \Inst_Rep -> Brak pliku <==== UWAGA
Task: {90791DF4-3D58-4F1B-B347-AC2DC8E7BABB} - System32\Tasks\{37C8C52E-7FCA-44D3-A3EF-FF39D742E95A} => pcalua.exe -a C:\Users\User\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=smt
Task: {BDDDC19F-A158-43EA-9BBF-81658837F8A6} - System32\Tasks\{C2F59612-9445-4AA4-9ACC-ECDB8A2AC0C2} => pcalua.exe -a E:\Setup.exe -d E:\
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S1 wfdrvr_vt_1_10_0_28; system32\drivers\wfdrvr_vt_1_10_0_28.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oursurfing.com/web/?type=ds&ts=1433077722&z=aca7491ac39e125b676fd7cgdz3c8o8t5t8gee0z3q&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oursurfing.com/web/?type=ds&ts=1433077722&z=aca7491ac39e125b676fd7cgdz3c8o8t5t8gee0z3q&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oursurfing.com/?type=hppp&ts=1433077747&z=a5a01537a45355b3760d66egbz2c6o5t0t5g2e6mcg&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oursurfing.com/?type=hppp&ts=1433077747&z=a5a01537a45355b3760d66egbz2c6o5t0t5g2e6mcg&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1433077722&z=aca7491ac39e125b676fd7cgdz3c8o8t5t8gee0z3q&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1433077722&z=aca7491ac39e125b676fd7cgdz3c8o8t5t8gee0z3q&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK&q={searchTerms}
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oursurfing.com/web/?type=dspp&ts=1433077747&z=a5a01537a45355b3760d66egbz2c6o5t0t5g2e6mcg&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK&q={searchTerms}
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oursurfing.com/?type=hppp&ts=1433077747&z=a5a01537a45355b3760d66egbz2c6o5t0t5g2e6mcg&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.oursurfing.com/web/?type=dspp&ts=1433077747&z=a5a01537a45355b3760d66egbz2c6o5t0t5g2e6mcg&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK&q={searchTerms}
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=pl-PL&Src=MSE&Tid=0003446E&OHP=about%3ATabs&OSP=http%3A%2F%2Fwww.oursurfing.com%2Fweb%2F%3Futm%5Fsource%3Db%26utm%5Fmedium%3Dsmt%26utm%5Fcampaign%3Dinstall%5Fie%26utm%5Fcontent%3Dds%26from%3Dsmt%26uid%3DWDCXWD10PURX%2D64D85Y0%5FWD%2DWCC4JHRA7XYKA7XYK%26ts%3D1433077753%26type%3Ddefault%26q%3D%7BsearchTerms%7D
SearchScopes: HKU\S-1-5-21-1538902908-1056142196-2300059988-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK&ts=1433077753&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1538902908-1056142196-2300059988-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK&ts=1433077753&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1538902908-1056142196-2300059988-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1538902908-1056142196-2300059988-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK&ts=1433077753&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1538902908-1056142196-2300059988-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK&ts=1433077753&type=default&q={searchTerms}
BHO-x32: Brak nazwy -> {d00ab4cc-662c-40b6-a85f-d53086f4bb16} -> Brak pliku
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1433077722&z=aca7491ac39e125b676fd7cgdz3c8o8t5t8gee0z3q&from=smt&uid=WDCXWD10PURX-64D85Y0_WD-WCC4JHRA7XYKA7XYK
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\44ebqatm.default\extensions\sweetsearch@gmail.com => nie znaleziono
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Brak pliku]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Brak pliku]
C:\end
C:\Program Files (x86)\Mozilla Firefox\extensions
C:\ProgramData\mntemp
C:\ProgramData\TEMP
C:\Users\User\AppData\Roaming\app.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk
CMD: netsh advfirewall reset
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Application => Wartość pomyślnie usunięto
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Wartość pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{288CDC57-51D8-445B-B130-477AEA9AEA46}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{288CDC57-51D8-445B-B130-477AEA9AEA46}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\Driver Booster SkipUAC (User) => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (User)" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43BF71C1-6C50-47C1-97AE-580356B8E9A9}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43BF71C1-6C50-47C1-97AE-580356B8E9A9}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\{B6CAE659-5001-438C-8D0B-DCC5D7BDFD41} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B6CAE659-5001-438C-8D0B-DCC5D7BDFD41}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CC86CA8-62D0-4B14-A788-4EB1F95298AC}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CC86CA8-62D0-4B14-A788-4EB1F95298AC}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\{4CC226A8-4E0F-4C84-96F5-C3FF85A08F30} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4CC226A8-4E0F-4C84-96F5-C3FF85A08F30}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68DE3ECE-3194-4ACC-B7F5-238E766DC16D}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68DE3ECE-3194-4ACC-B7F5-238E766DC16D}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Inst_Rep" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90791DF4-3D58-4F1B-B347-AC2DC8E7BABB}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90791DF4-3D58-4F1B-B347-AC2DC8E7BABB}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\{37C8C52E-7FCA-44D3-A3EF-FF39D742E95A} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{37C8C52E-7FCA-44D3-A3EF-FF39D742E95A}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BDDDC19F-A158-43EA-9BBF-81658837F8A6}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDDDC19F-A158-43EA-9BBF-81658837F8A6}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\{C2F59612-9445-4AA4-9ACC-ECDB8A2AC0C2} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C2F59612-9445-4AA4-9ACC-ECDB8A2AC0C2}" => klucz pomyślnie usunięto
cpuz136 => serwis pomyślnie usunięto
GPUZ => serwis pomyślnie usunięto
MSICDSetup => serwis pomyślnie usunięto
NTIOLib_1_0_C => serwis pomyślnie usunięto
wfdrvr_vt_1_10_0_28 => serwis pomyślnie usunięto
xhunter1 => serwis pomyślnie usunięto
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\Software\Microsoft\Internet Explorer\Main\\First Home Page => Wartość pomyślnie usunięto
HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto
"HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => klucz pomyślnie usunięto
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. 
"HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => klucz pomyślnie usunięto
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => klucz nie znaleziono. 
"HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. 
"HKU\S-1-5-21-1538902908-1056142196-2300059988-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => klucz pomyślnie usunięto
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => klucz nie znaleziono. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d00ab4cc-662c-40b6-a85f-d53086f4bb16}" => klucz pomyślnie usunięto
HKCR\Wow6432Node\CLSID\{d00ab4cc-662c-40b6-a85f-d53086f4bb16} => klucz nie znaleziono. 
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sweetsearch@gmail.com => Wartość pomyślnie usunięto
"HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2" => klucz pomyślnie usunięto
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2" => klucz pomyślnie usunięto
C:\end => pomyślnie przeniesiono
C:\Program Files (x86)\Mozilla Firefox\extensions => pomyślnie przeniesiono
C:\ProgramData\mntemp => pomyślnie przeniesiono
C:\ProgramData\TEMP => pomyślnie przeniesiono
C:\Users\User\AppData\Roaming\app.exe => pomyślnie przeniesiono
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk => pomyślnie przeniesiono

========= netsh advfirewall reset =========

Ok.


========= Koniec  CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25983972 B
Java, Flash, Steam htmlcache => 692 B
Windows/system/drivers => 3224075 B
Edge => 0 B
Chrome => 0 B
Firefox => 105650872 B
Opera => 5915648 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 5436835 B
LocalService => 0 B
NetworkService => 465790907 B
User => 7812151 B

RecycleBin => 0 B
EmptyTemp: => 599.1 MB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec  Fixlog 18:37:39 ====