Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:07-09-2015
Uruchomiony przez Wojciech (2015-09-08 22:51:36) Run:4
Uruchomiony z C:\Users\Wojciech\Desktop
Załadowane profile: UpdatusUser & Wojciech (Dostępne profile: UpdatusUser & Wojciech)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
Task: {57EB5B81-53A3-4E29-A474-28479E4E3ADB} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core => C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe [2015-06-16] (Word Surfer)
C:\Program Files (x86)\WordSurfer_1.10.0.19
Task: {812C7726-AE30-4DA3-8C38-A66E5D0A5662} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update => C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe [2015-06-16] (Word Surfer)
2015-09-02 11:52 - 2015-09-02 11:52 - 00421376 _____ () C:\Program Files (x86)\SFK\SFKEX64.dll
2015-08-17 18:52 - 2015-08-17 18:52 - 00122880 _____ () C:\Program Files (x86)\SFK\SFKEX64.exe
2015-09-08 17:02 - 2015-09-07 17:06 - 03332752 _____ () C:\Users\Wojciech\AppData\Local\gmsd_pl_005010083\upgmsd_pl_005010083.exe
C:\Program Files (x86)\SFK
C:\Users\Wojciech\AppData\Local\gmsd_pl_005010083
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v shopperz02092015165864 /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v gmsd_pl_005010083 /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v mbot_pl_014010083 /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v RemoteControl10 /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v SmartWeb /f
Reg: reg delete HKU\S-1-5-21-2123243774-1212378890-3103706089-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v crossbrowse.lnk /f
Reg: reg delete HKU\S-1-5-21-2123243774-1212378890-3103706089-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v SmartWeb.lnk /f
Reg: reg delete HKU\S-1-5-21-2123243774-1212378890-3103706089-1002Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v dwogakd /f
HKLM\...\Run: [gpuminer] => C:\Users\Wojciech\AppData\Roaming\cpuminer\sgminer\start.cmd
C:\Users\Wojciech\AppData\Roaming\cpuminer
HKLM-x32\...\Run: [gmsd_pl_005010083] => C:\Program Files (x86)\gmsd_pl_005010083\gmsd_pl_005010083.exe [3982992 2015-09-07] ()
HKLM-x32\...\RunOnce: [upgmsd_pl_005010083.exe] => C:\Users\Wojciech\AppData\Local\gmsd_pl_005010083\upgmsd_pl_005010083.exe [3332752 2015-09-07] ()
C:\Program Files (x86)\gmsd_pl_005010083
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Winlogon\Notify\dwogakd-x32: C:\Users\Wojciech\AppData\Local\dwogakd.dll [X]
Tcpip\..\Interfaces\{897D7095-D729-4A7D-8CE9-CFB2D2B47027}: [DhcpNameServer] 127.0.0.1
URLSearchHook: [S-1-5-21-2123243774-1212378890-3103706089-1001] UWAGA => Brak domyślnego URLSearchHook
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1 ... J9ED204767
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.istartsurf.com/?type=sc&ts=1 ... J9ED204767
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [411648 2015-09-08] (TODO: <公司名>) [Brak podpisu cyfrowego]
R2 wsasvc_1.10.0.19; C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe [299608 2015-06-16] (Word Surfer)
S2 cezuhezy; C:\Program Files (x86)\10AB2BB6-1441670892-E211-A2DC-2089844869C8\knsk1313.tmp [X]
R1 wsafd_1_10_0_19; C:\Windows\System32\drivers\wsafd_1_10_0_19.sys [57728 2015-06-16] (Word Surfer)
C:\Users\Wojciech\Desktop\setup_gmsd_en.exe
C:\Users\Wojciech\Desktop\Continue Games Desktop.lnk
2015-09-08 17:02 - 2015-09-08 18:56 - 00000000 ____D C:\Users\Wojciech\AppData\Local\gmsd_pl_005010083
2015-09-08 17:02 - 2015-09-08 18:51 - 00000000 ____D C:\Program Files (x86)\SFK
2015-09-08 17:02 - 2015-09-08 17:02 - 00000000 ____D C:\Users\Wojciech\AppData\Roaming\istartsurf
2015-09-08 17:02 - 2015-09-08 17:02 - 00000000 ____D C:\Program Files (x86)\gmsd_pl_005010083
2015-09-08 17:01 - 2015-09-08 17:01 - 00004180 _____ C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update
2015-09-08 17:01 - 2015-09-08 17:01 - 00004170 _____ C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core
2015-09-08 17:01 - 2015-09-08 17:01 - 00000000 ____D C:\Program Files (x86)\WordSurfer_1.10.0.19
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Wojciech\AppData\Roaming\6qvbKW6ePju
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Wojciech\AppData\Roaming\8iKP9Zg7HkWuKokIrYyb9v
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Wojciech\AppData\Roaming\JSvgE4ZHPGac1vGSu2xRv5sx
EmptyTemp:
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57EB5B81-53A3-4E29-A474-28479E4E3ADB} => klucz nie znaleziono. 
C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WordSurfer Auto Updater 1.10.0.19 Core => klucz nie znaleziono. 
"C:\Program Files (x86)\WordSurfer_1.10.0.19" => plik/folder nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{812C7726-AE30-4DA3-8C38-A66E5D0A5662} => klucz nie znaleziono. 
C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WordSurfer Auto Updater 1.10.0.19 Pending Update => klucz nie znaleziono. 
"C:\Program Files (x86)\SFK\SFKEX64.dll" => plik/folder nie znaleziono.
"C:\Program Files (x86)\SFK\SFKEX64.exe" => plik/folder nie znaleziono.
"C:\Users\Wojciech\AppData\Local\gmsd_pl_005010083\upgmsd_pl_005010083.exe" => plik/folder nie znaleziono.
"C:\Program Files (x86)\SFK" => plik/folder nie znaleziono.
"C:\Users\Wojciech\AppData\Local\gmsd_pl_005010083" => plik/folder nie znaleziono.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v shopperz02092015165864 /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v gmsd_pl_005010083 /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v mbot_pl_014010083 /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v RemoteControl10 /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v SmartWeb /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete HKU\S-1-5-21-2123243774-1212378890-3103706089-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v crossbrowse.lnk /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete HKU\S-1-5-21-2123243774-1212378890-3103706089-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v SmartWeb.lnk /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete HKU\S-1-5-21-2123243774-1212378890-3103706089-1002Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v dwogakd /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gpuminer => Wartość nie znaleziono.
"C:\Users\Wojciech\AppData\Roaming\cpuminer" => plik/folder nie znaleziono.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_pl_005010083 => Wartość nie znaleziono.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\upgmsd_pl_005010083.exe => Wartość nie znaleziono.
"C:\Program Files (x86)\gmsd_pl_005010083" => plik/folder nie znaleziono.

========= reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= Koniec  Reg: =========

HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dwogakd => klucz nie znaleziono. 
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{897D7095-D729-4A7D-8CE9-CFB2D2B47027}\\DhcpNameServer => Wartość nie znaleziono.
Nie można przywrócić Domyślne URLSearchHook.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Wartość pomyślnie przywrócono
SSFK => serwis nie znaleziono.
wsasvc_1.10.0.19 => serwis nie znaleziono.
cezuhezy => serwis nie znaleziono.
wsafd_1_10_0_19 => serwis nie znaleziono.
"C:\Users\Wojciech\Desktop\setup_gmsd_en.exe" => plik/folder nie znaleziono.
"C:\Users\Wojciech\Desktop\Continue Games Desktop.lnk" => plik/folder nie znaleziono.
"C:\Users\Wojciech\AppData\Local\gmsd_pl_005010083" => plik/folder nie znaleziono.
"C:\Program Files (x86)\SFK" => plik/folder nie znaleziono.
"C:\Users\Wojciech\AppData\Roaming\istartsurf" => plik/folder nie znaleziono.
"C:\Program Files (x86)\gmsd_pl_005010083" => plik/folder nie znaleziono.
"C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update" => plik/folder nie znaleziono.
"C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core" => plik/folder nie znaleziono.
"C:\Program Files (x86)\WordSurfer_1.10.0.19" => plik/folder nie znaleziono.
"C:\Users\Wojciech\AppData\Roaming\6qvbKW6ePju" => plik/folder nie znaleziono.
"C:\Users\Wojciech\AppData\Roaming\8iKP9Zg7HkWuKokIrYyb9v" => plik/folder nie znaleziono.
"C:\Users\Wojciech\AppData\Roaming\JSvgE4ZHPGac1vGSu2xRv5sx" => plik/folder nie znaleziono.
EmptyTemp: => 14.2 MB danych tymczasowych Usunięto.


System wymagał restartu.. 

==== Koniec  Fixlog 22:51:42 ====