Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 17-01-2021 Uruchomiony przez Byaku (18-01-2021 20:09:45) Run:1 Uruchomiony z C:\Users\Byaku\Downloads Załadowane profile: Byaku Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CreateRestorePoint: CloseProcesses: EmptyTemp: File: C:\Windows\system32\wintab32.dll HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\Run: [AdobeBridge] => [X] IFEO\taskmgr.exe: [Debugger] Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA Task: {19F5D4F6-00BA-44A4-9758-54B40835CB03} - System32\Tasks\Mrsycikesh Agent => C:\Program Files (x86)\Kdaghgujuent\bnent.exe [779712 2016-12-11] (Glarysoft LTD -> Glarysoft Ltd) Task: {20E410C7-9A9B-423C-9805-717B37F782CB} - System32\Tasks\{DF10CBC6-AC0F-43C1-95C4-0CC3585A4F2E} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\DRIVER\7\INTEL3~1\IDRIVER.EXE -d C:\Windows\SysWOW64 -c /reboot{07A540AB-D785-11D5-8E89-0090275862A0} /z Task: {60FDCB38-0139-4E80-8A97-716671ECDDE9} - System32\Tasks\{8C34442B-70C3-49F8-B920-753547265428} => C:\Windows\system32\pcalua.exe -a C:\PaintToolSAI\uninst.exe -d C:\PaintToolSAI Task: {6338096B-7333-47AE-8D1E-BE8AFA05CC93} - Brak ścieżki do pliku Task: {A20436DB-2CC0-411B-8501-049136F2EDC2} - Brak ścieżki do pliku Task: {B04E4E2E-589F-4E3D-8D95-4DDF21A4500E} - Brak ścieżki do pliku Task: {B191E081-3F7C-4EE6-986D-AD74AB6B946E} - Brak ścieżki do pliku Task: {B77DE1B8-5F27-4D76-8C03-9D9EC43C625D} - Brak ścieżki do pliku Tcpip\..\Interfaces\{35242337-E577-453E-AEC9-677CF8AEEE5D}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{8C20FF42-A164-4F08-ABF3-586EF5B9DE68}: [DhcpNameServer] 192.168.2.1 S3 ekrnEpfw; "C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [X] S1 chhvdfnv; \??\C:\Windows\system32\drivers\chhvdfnv.sys [X] S3 moufiltr; \SystemRoot\System32\drivers\moufiltr.sys [X] U2 snare; Brak ImagePath S3 vhidmini; \SystemRoot\System32\drivers\walvhid.sys [X] S1 xuffnqgq; \??\C:\Windows\system32\drivers\xuffnqgq.sys [X] NETSVCx32: HpSvc -> Brak ścieżki do pliku. NETSVCx32: GmSvc -> Brak ścieżki do pliku. NETSVCx32: WpSvc -> Brak ścieżki do pliku. 2021-01-17 23:03 - 2021-01-18 08:38 - 000000266 __RSH C:\ProgramData\ntuser.pol 2021-01-17 22:59 - 2016-12-17 11:15 - 000000000 ____D C:\Program Files\MBZN0EIRWP 2021-01-17 22:59 - 2016-12-16 18:04 - 000000000 ____D C:\Program Files\X41L0UOL5Q 2021-01-17 22:59 - 2016-12-16 18:04 - 000000000 ____D C:\Program Files\AT708TUM4M 2021-01-17 22:59 - 2016-12-16 18:04 - 000000000 ____D C:\Program Files\8TE9G2OBLT 2021-01-17 22:59 - 2016-12-16 18:04 - 000000000 ____D C:\Program Files\2AMZ3DQLV9 2021-01-17 22:59 - 2016-12-16 18:04 - 000000000 ____D C:\Program Files\0PQNGZSRRE 2021-01-17 22:59 - 2016-12-14 14:56 - 000000000 ____D C:\Program Files\BT5JZKUJYJ 2021-01-17 22:59 - 2016-12-14 14:56 - 000000000 ____D C:\Program Files\1CF2124EJB 2021-01-17 22:59 - 2016-12-12 20:06 - 000000000 ____D C:\Program Files\BL8OA46C2L 2021-01-17 22:59 - 2016-12-11 15:20 - 000000000 ____D C:\Program Files\0QE47M5KJK 2021-01-17 22:59 - 2016-12-11 13:30 - 000000000 ____D C:\Program Files\XBJHR73LSY 2021-01-17 22:58 - 2016-12-11 11:54 - 000000000 ____D C:\Program Files (x86)\Shubocult 2017-05-11 14:35 - 2017-05-11 14:35 - 000000000 _____ () C:\Users\Byaku\AppData\Local\{FAD5A184-C57E-478A-8159-3C7E25BC5F96} ContextMenuHandlers1: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll -> Brak pliku WMI:subscription\__TimerInstruction->SethomePage Interval Timer:: <==== UWAGA WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer:: <==== UWAGA C:\Users\Byaku\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Kinga - Chrome.lnk CHR Profile: C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-01] <==== UWAGA AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [80850] AlternateDataStreams: C:\Windows\system32\drivers:x64 [360536] AlternateDataStreams: C:\Windows\system32\drivers:x86 [1156450] HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131523573115457195&GUID=2DA3CB6D-37F6-41D4-B344-003B8B5AF930 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131523573115462959&GUID=2DA3CB6D-37F6-41D4-B344-003B8B5AF930 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130928323672552439&GUID=2DA3CB6D-37F6-41D4-B344-003B8B5AF930 HKU\S-1-5-21-2709180964-3026329352-173763364-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06 URLSearchHook: HKLM-x32 -> Domyślne = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-19 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = BHO-x32: Brak nazwy -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Brak pliku HKLM\...\StartupApproved\Run: => "WINCOM1AG" HKLM\...\StartupApproved\Run: => "WINCOM4EX" HKLM\...\StartupApproved\Run: => "WINCOM13V" HKLM\...\StartupApproved\Run: => "WINCOM28I" HKLM\...\StartupApproved\Run: => "WINCOM401" HKLM\...\StartupApproved\Run: => "WINCOMD0Q" HKLM\...\StartupApproved\Run: => "WINCOMDT2" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "Yahoo! Search" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "AH27DYG16T" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "PR7D21D2K0" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "2J6NU8VHC9" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "4THO1IK97G" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "F2SW9L1IOJ" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "OUIM9AU93L" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "PMM5FLRZ2E" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "R88HLBII65" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "IUYLLRM62N" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "I8GVKW93VJ" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "WF7NG36TRK" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "8YQI2IY2OK" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "20E6XMF978" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "5JB9R989OC" HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "W1TOWRVF70" FirewallRules: [TCP Query User{EE82B542-3AD5-4904-8A1C-9712A0470373}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe => Brak pliku FirewallRules: [UDP Query User{F93CBF06-E12C-4B7D-A26E-9342750927C0}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe => Brak pliku FirewallRules: [{B5C9ED09-6F56-49AB-9403-9823C9A0F757}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => Brak pliku FirewallRules: [{531FE1C0-8A78-4B71-BAE0-E0D76829A34F}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => Brak pliku FirewallRules: [TCP Query User{44DD954A-0B4D-469A-9C47-981B66C968C9}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe => Brak pliku FirewallRules: [UDP Query User{10C1F563-45AB-423E-9C16-7FBB93880820}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe => Brak pliku FirewallRules: [TCP Query User{C01C9C43-9EE7-4F8B-BEE2-70491A498DC7}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe => Brak pliku FirewallRules: [UDP Query User{91E89B34-D418-4B37-B6BD-323C088ED4EA}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe => Brak pliku FirewallRules: [{426B5AB9-2E3E-4B2F-BD77-F95A9D142D6C}] => (Allow) C:\Users\Byaku\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku FirewallRules: [{ED374271-D7DA-4BEB-8A0B-797E6EE0C58A}] => (Allow) C:\Users\Byaku\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku FirewallRules: [{6668F4C7-C04D-4DAC-8C28-E69E0112B4F7}] => (Allow) C:\Users\Byaku\AppData\Roaming\360bizhi\Update\Link.exe => Brak pliku FirewallRules: [{6E5B88CF-37E8-4A37-9A4D-D72D03B69223}] => (Allow) C:\Users\Byaku\AppData\Roaming\360bizhi\Update\Link.exe => Brak pliku RemoveProxy: Hosts: ***************** Punkt przywracania został pomyślnie utworzony. Procesy zostały pomyślnie zamknięte. ========================= File: C:\Windows\system32\wintab32.dll ======================== C:\Windows\system32\wintab32.dll Brak podpisu cyfrowego MD5: F30555AB0E32DA20BCC95F606B644177 Data utworzenia i modyfikacji: 2020-12-29 17:01 - 2019-07-11 13:50 Rozmiar: 000145408 Atrybuty: ----A Firma: TODO: <公司名> Wewnętrzna nazwa: WinTab32.dll Oryginalna nazwa: WinTab32.dll Produkt: WinTab32 Opis: WinTab32 Plik Wersja: 1.5.2.0 Produkt Wersja: 1.5.2.0 Prawa autorskie: Copyright (C) 2019 VirusTotal: https://www.virustotal.com/gui/file/40201dc42ab6d925fb3ee64a3a903d9b63de81d9dd18bfc389e557ccc2fe1df8/detection/f-40201dc42ab6d925fb3ee64a3a903d9b63de81d9dd18bfc389e557ccc2fe1df8-1608586800 ====== Koniec File: ====== "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => pomyślnie usunięto HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\taskmgr.exe => pomyślnie usunięto C:\ProgramData\NTUSER.pol => pomyślnie przeniesiono HKLM\SOFTWARE\Policies\Google => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19F5D4F6-00BA-44A4-9758-54B40835CB03}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19F5D4F6-00BA-44A4-9758-54B40835CB03}" => pomyślnie usunięto C:\Windows\System32\Tasks\Mrsycikesh Agent => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mrsycikesh Agent" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20E410C7-9A9B-423C-9805-717B37F782CB}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20E410C7-9A9B-423C-9805-717B37F782CB}" => pomyślnie usunięto C:\Windows\System32\Tasks\{DF10CBC6-AC0F-43C1-95C4-0CC3585A4F2E} => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DF10CBC6-AC0F-43C1-95C4-0CC3585A4F2E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60FDCB38-0139-4E80-8A97-716671ECDDE9}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60FDCB38-0139-4E80-8A97-716671ECDDE9}" => pomyślnie usunięto C:\Windows\System32\Tasks\{8C34442B-70C3-49F8-B920-753547265428} => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8C34442B-70C3-49F8-B920-753547265428}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6338096B-7333-47AE-8D1E-BE8AFA05CC93}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6338096B-7333-47AE-8D1E-BE8AFA05CC93}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{A20436DB-2CC0-411B-8501-049136F2EDC2}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A20436DB-2CC0-411B-8501-049136F2EDC2}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B04E4E2E-589F-4E3D-8D95-4DDF21A4500E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B04E4E2E-589F-4E3D-8D95-4DDF21A4500E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B191E081-3F7C-4EE6-986D-AD74AB6B946E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B191E081-3F7C-4EE6-986D-AD74AB6B946E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B77DE1B8-5F27-4D76-8C03-9D9EC43C625D}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B77DE1B8-5F27-4D76-8C03-9D9EC43C625D}" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{35242337-E577-453E-AEC9-677CF8AEEE5D}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8C20FF42-A164-4F08-ABF3-586EF5B9DE68}\\DhcpNameServer" => pomyślnie usunięto HKLM\System\CurrentControlSet\Services\ekrnEpfw => pomyślnie usunięto ekrnEpfw => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\chhvdfnv => pomyślnie usunięto chhvdfnv => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\moufiltr => pomyślnie usunięto moufiltr => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\snare => pomyślnie usunięto snare => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\vhidmini => pomyślnie usunięto vhidmini => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\xuffnqgq => pomyślnie usunięto xuffnqgq => serwis pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs HpSvc => pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs GmSvc => pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs WpSvc => pomyślnie usunięto "C:\ProgramData\ntuser.pol" => nie znaleziono C:\Program Files\MBZN0EIRWP => pomyślnie przeniesiono C:\Program Files\X41L0UOL5Q => pomyślnie przeniesiono C:\Program Files\AT708TUM4M => pomyślnie przeniesiono C:\Program Files\8TE9G2OBLT => pomyślnie przeniesiono C:\Program Files\2AMZ3DQLV9 => pomyślnie przeniesiono C:\Program Files\0PQNGZSRRE => pomyślnie przeniesiono C:\Program Files\BT5JZKUJYJ => pomyślnie przeniesiono C:\Program Files\1CF2124EJB => pomyślnie przeniesiono C:\Program Files\BL8OA46C2L => pomyślnie przeniesiono C:\Program Files\0QE47M5KJK => pomyślnie przeniesiono C:\Program Files\XBJHR73LSY => pomyślnie przeniesiono C:\Program Files (x86)\Shubocult => pomyślnie przeniesiono C:\Users\Byaku\AppData\Local\{FAD5A184-C57E-478A-8159-3C7E25BC5F96} => pomyślnie przeniesiono HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\KuaiZipShlExt => pomyślnie usunięto HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => pomyślnie usunięto HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => pomyślnie usunięto "SethomePage Interval Timer" => pomyślnie usunięto "SethomePage Interval Timer" => nie znaleziono C:\Users\Byaku\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Kinga - Chrome.lnk => pomyślnie przeniesiono C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => pomyślnie przeniesiono C:\Windows\system32\drivers => ":ucdrv-x64.sys" ADS pomyślnie usunięto C:\Windows\system32\drivers => ":x64" ADS pomyślnie usunięto C:\Windows\system32\drivers => ":x86" ADS pomyślnie usunięto HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => pomyślnie usunięto HKU\S-1-5-21-2709180964-3026329352-173763364-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono "HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\" => pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Wartość pomyślnie przywrócono "HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => pomyślnie usunięto "HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto "HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B69F34DD-F0F9-42DC-9EDD-957187DA688D} => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\WINCOM1AG" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WINCOM1AG" => nie znaleziono "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\WINCOM4EX" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WINCOM4EX" => nie znaleziono "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\WINCOM13V" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WINCOM13V" => nie znaleziono "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\WINCOM28I" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WINCOM28I" => nie znaleziono "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\WINCOM401" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WINCOM401" => nie znaleziono "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\WINCOMD0Q" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WINCOMD0Q" => nie znaleziono "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\WINCOMDT2" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WINCOMDT2" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Yahoo! Search" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AH27DYG16T" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AH27DYG16T" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\PR7D21D2K0" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PR7D21D2K0" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\2J6NU8VHC9" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\2J6NU8VHC9" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\4THO1IK97G" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\4THO1IK97G" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\F2SW9L1IOJ" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\F2SW9L1IOJ" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\OUIM9AU93L" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\OUIM9AU93L" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\PMM5FLRZ2E" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PMM5FLRZ2E" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\R88HLBII65" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\R88HLBII65" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\IUYLLRM62N" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\IUYLLRM62N" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\I8GVKW93VJ" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\I8GVKW93VJ" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\WF7NG36TRK" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WF7NG36TRK" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\8YQI2IY2OK" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\8YQI2IY2OK" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\20E6XMF978" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\20E6XMF978" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\5JB9R989OC" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\5JB9R989OC" => nie znaleziono "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\W1TOWRVF70" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\W1TOWRVF70" => nie znaleziono "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EE82B542-3AD5-4904-8A1C-9712A0470373}C:\program files (x86)\winamp\winamp.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F93CBF06-E12C-4B7D-A26E-9342750927C0}C:\program files (x86)\winamp\winamp.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5C9ED09-6F56-49AB-9403-9823C9A0F757}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{531FE1C0-8A78-4B71-BAE0-E0D76829A34F}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{44DD954A-0B4D-469A-9C47-981B66C968C9}C:\program files (x86)\opera\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{10C1F563-45AB-423E-9C16-7FBB93880820}C:\program files (x86)\opera\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C01C9C43-9EE7-4F8B-BEE2-70491A498DC7}C:\program files (x86)\winamp\winamp.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{91E89B34-D418-4B37-B6BD-323C088ED4EA}C:\program files (x86)\winamp\winamp.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{426B5AB9-2E3E-4B2F-BD77-F95A9D142D6C}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED374271-D7DA-4BEB-8A0B-797E6EE0C58A}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6668F4C7-C04D-4DAC-8C28-E69E0112B4F7}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E5B88CF-37E8-4A37-9A4D-D72D03B69223}" => pomyślnie usunięto ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto ========= Koniec RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono Hosts pomyślnie przywrócono. =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35340957 B Java, Flash, Steam htmlcache => 9273 B Windows/system/drivers => 1418446204 B Edge => 0 B Chrome => 296013969 B Brave => 0 B Firefox => 371390871 B Opera => 9216 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 397204 B systemprofile32 => 271990136 B LocalService => 275544888 B NetworkService => 276283514 B Byaku => 8075314943 B RecycleBin => 67372136 B EmptyTemp: => 10.3 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 20:41:00 ====