Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 08-10-2017 Uruchomiony przez Wojtek (08-10-2017 22:07:22) Run:1 Uruchomiony z D:\Pobrane\FRST Załadowane profile: Wojtek (Dostępne profile: Wojtek & Ewa) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: CustomCLSID: HKU\S-1-5-21-1415446754-3198373632-3723623690-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {187DF4CA-9468-D082-9C64-0CE985889A47} => Brak pliku CustomCLSID: HKU\S-1-5-21-1415446754-3198373632-3723623690-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {58AD1D9A-9468-D082-CC8D-DCA985889A47} => Brak pliku CustomCLSID: HKU\S-1-5-21-1415446754-3198373632-3723623690-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Wojtek\AppData\Local\Citrix\GoToMeeting\4628\G2MOutlookAddin64.dll => Brak pliku Task: {243C128E-D8C6-487A-AF09-0400697FAF5A} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Brak pliku <==== UWAGA Task: {0A4A9412-7651-4316-BF96-B0D362FC846A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {326470D3-5250-49CB-892C-024019B3871C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {3ACD5F94-48AD-4260-B3E9-2E85B704FF63} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {4C393FDD-3743-4534-A3FA-A0C50C986FF2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {51C53C5F-6FD1-49DB-83CC-64D227A21036} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {95EB6F3C-F0A2-4AE4-82C6-21B0733FD0FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {9F997FC8-675D-44B4-A7AF-97EC364EE683} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {AEF9A10D-2D70-4B09-B156-64715931E4E0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {BAED3869-D434-4AF7-9B78-4AEFCEC0C2D2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {C7D841D4-012A-435C-BAB8-BE2F9BC7BCF9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {FFFE8971-0FFF-4623-9505-236BE13BDDF1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0 HKLM\...\Policies\Explorer: [NoInstrumentation] 1 HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\...\Policies\Explorer: [NoPreviewPane] 0 HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\...\Policies\Explorer: [HideSCANetwork] 0 HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\...\Policies\Explorer: [HideSCAVolume] 0 HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== UWAGA BootExecute: autocheck autochk * sdnclean64.exe GroupPolicyUsers\S-1-5-21-1415446754-3198373632-3723623690-1002\User: Ograniczenia <==== UWAGA HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = C:\Users\Julia i Pati.Wojtek-laptop\AppData\Roaming\ClassicShell\Pinned\startscreen.lnk C:\Users\Wojtek\Desktop\Media Player Classic (x64).lnk C:\Users\Wojtek\Desktop\S Note.lnk DeleteKey: HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains IE Session Restore: HKU\S-1-5-21-1415446754-3198373632-3723623690-1001 -> [funkcja włączona] CMD: dir /a "C:\WINDOWS\system32\Drivers\etc" CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a "C:\Program Files\Common Files\System" CMD: dir /a "C:\Program Files (x86)\Common Files\System" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\Admin\AppData\Local CMD: dir /a C:\Users\Admin\AppData\LocalLow CMD: dir /a C:\Users\Admin\AppData\Roaming Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} Hosts: EmptyTemp: ̩ ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. HKU\S-1-5-21-1415446754-3198373632-3723623690-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B} => klucz pomyślnie usunięto HKU\S-1-5-21-1415446754-3198373632-3723623690-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850} => klucz pomyślnie usunięto HKU\S-1-5-21-1415446754-3198373632-3723623690-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{243C128E-D8C6-487A-AF09-0400697FAF5A} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{243C128E-D8C6-487A-AF09-0400697FAF5A} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A4A9412-7651-4316-BF96-B0D362FC846A} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A4A9412-7651-4316-BF96-B0D362FC846A} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{326470D3-5250-49CB-892C-024019B3871C} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{326470D3-5250-49CB-892C-024019B3871C} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3ACD5F94-48AD-4260-B3E9-2E85B704FF63} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3ACD5F94-48AD-4260-B3E9-2E85B704FF63} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C393FDD-3743-4534-A3FA-A0C50C986FF2} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C393FDD-3743-4534-A3FA-A0C50C986FF2} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51C53C5F-6FD1-49DB-83CC-64D227A21036} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51C53C5F-6FD1-49DB-83CC-64D227A21036} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95EB6F3C-F0A2-4AE4-82C6-21B0733FD0FB} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95EB6F3C-F0A2-4AE4-82C6-21B0733FD0FB} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F997FC8-675D-44B4-A7AF-97EC364EE683} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F997FC8-675D-44B4-A7AF-97EC364EE683} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AEF9A10D-2D70-4B09-B156-64715931E4E0} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEF9A10D-2D70-4B09-B156-64715931E4E0} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BAED3869-D434-4AF7-9B78-4AEFCEC0C2D2} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAED3869-D434-4AF7-9B78-4AEFCEC0C2D2} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7D841D4-012A-435C-BAB8-BE2F9BC7BCF9} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7D841D4-012A-435C-BAB8-BE2F9BC7BCF9} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFFE8971-0FFF-4623-9505-236BE13BDDF1} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFFE8971-0FFF-4623-9505-236BE13BDDF1} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => klucz pomyślnie usunięto HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => klucz pomyślnie usunięto HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRecentDocsNetHood => Wartość pomyślnie usunięto HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInstrumentation => Wartość pomyślnie usunięto HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => Wartość pomyślnie usunięto HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => Wartość pomyślnie usunięto HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoPreviewPane => Wartość pomyślnie usunięto HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => Wartość pomyślnie usunięto HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => Wartość pomyślnie usunięto HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => Wartość pomyślnie usunięto HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => Wartość pomyślnie usunięto HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCANetwork => Wartość pomyślnie usunięto HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAVolume => Wartość pomyślnie usunięto HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore => klucz pomyślnie usunięto HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Wartość pomyślnie przywrócono C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-1415446754-3198373632-3723623690-1002\User => pomyślnie przeniesiono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono C:\Users\Julia i Pati.Wojtek-laptop\AppData\Roaming\ClassicShell\Pinned\startscreen.lnk => pomyślnie przeniesiono C:\Users\Wojtek\Desktop\Media Player Classic (x64).lnk => pomyślnie przeniesiono C:\Users\Wojtek\Desktop\S Note.lnk => pomyślnie przeniesiono HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains => klucz pomyślnie usunięto HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains => klucz pomyślnie usunięto HKU\S-1-5-21-1415446754-3198373632-3723623690-1001\Software\Microsoft\Internet Explorer\ContinuousBrowsing => klucz pomyślnie usunięto ========= dir /a "C:\WINDOWS\system32\Drivers\etc" ========= Volume in drive C is System Volume Serial Number is BC6E-2E4D Directory of C:\WINDOWS\system32\Drivers\etc 2017-10-02 22:42 . 2017-10-02 22:42 .. 2017-10-02 22:42 454˙512 hosts 2013-08-22 15:25 824 hosts.20171002-224252.backup 2017-03-18 23:01 3˙683 lmhosts.sam 2013-08-22 15:25 407 networks 2013-08-22 15:25 1˙358 protocol 2013-08-22 15:25 17˙463 services 6 File(s) 478˙247 bytes 2 Dir(s) 81˙178˙443˙776 bytes free ========= Koniec CMD: ========= ========= dir /a "C:\Program Files" ========= Volume in drive C is System Volume Serial Number is BC6E-2E4D Directory of C:\Program Files 2017-10-05 21:48 . 2017-10-05 21:48 .. 2017-09-23 00:16 AMD 2015-01-04 17:29 AMD-Catalyst-Omega-14.12-Without-DOTNet45-Win8.1-64bit 2017-10-05 21:48 AmiBroker 2014-12-17 07:36 ATI 2015-10-09 10:34 ATI Technologies 2014-12-17 07:41 Broadcom 2017-09-23 00:16 Common Files 2017-02-07 00:46 ConvertHelper3 2017-03-18 23:01 174 desktop.ini 2015-01-27 20:43 Genymobile 2017-09-23 00:16 Intel 2017-09-23 02:19 Internet Explorer 2017-09-30 23:59 Malwarebytes 2014-12-20 23:58 Microsoft Office 2017-08-04 20:26 Microsoft Silverlight 2017-09-23 01:06 MSBuild 2017-02-24 01:10 NetWorx 2017-02-03 19:28 Notepad++ 2015-12-03 15:02 Oracle 2017-09-23 00:13 Realtek 2017-09-23 01:06 Reference Assemblies 2014-12-20 23:58 Siber Systems 2017-09-23 00:13 Synaptics 2017-10-02 21:49 TOSHIBA 2017-09-23 00:14 Uninstall Information 2017-08-02 12:54 UNP 2017-07-11 07:47 Windows Defender 2017-03-20 06:00 Windows Defender Advanced Threat Protection 2017-09-23 02:19 Windows Mail 2017-09-23 00:16 Windows Media Player 2017-03-18 23:03 Windows Multimedia Platform 2017-09-23 00:24 Windows NT 2017-09-23 02:19 Windows Photo Viewer 2017-03-18 23:03 Windows Portable Devices 2017-03-18 23:03 Windows Security 2017-03-18 23:03 Windows Sidebar 2017-09-24 13:24 WindowsApps 2017-03-18 23:03 WindowsPowerShell 2015-04-17 00:16 WinRAR 1 File(s) 174 bytes 40 Dir(s) 81˙178˙382˙336 bytes free ========= Koniec CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Volume in drive C is System Volume Serial Number is BC6E-2E4D Directory of C:\Program Files (x86) 2017-10-02 22:31 . 2017-10-02 22:31 .. 2016-04-22 22:52 4KDownload 2014-12-28 00:06 Adobe 2017-04-26 21:59 Advanced IP Scanner 2015-01-04 17:35 AMD 2015-08-21 10:55 AMD AVT 2017-10-08 21:34 AmiBroker 2015-10-09 10:34 ATI Technologies 2017-09-23 00:16 Common Files 2017-03-18 23:01 174 desktop.ini 2015-01-04 17:55 DesktopOK 2015-08-23 23:58 DTS, Inc 2015-06-09 19:16 ESET 2016-01-05 00:12 FileZilla FTP Client 2015-12-21 10:20 Firebird 2014-12-20 23:23 Google 2015-06-09 00:09 HDDGURU LLF Tool 2015-11-26 20:26 InstallShield Installation Information 2014-12-17 07:35 Intel 2017-09-23 02:19 Internet Explorer 2016-10-26 17:55 Java 2014-12-21 11:47 K-Lite Codec Pack 2017-07-18 21:43 KeePass Password Safe 2 2017-09-30 23:59 Malwarebytes Anti-Malware 2014-12-20 23:58 Microsoft Analysis Services 2014-12-20 23:58 Microsoft Office 2017-08-04 20:26 Microsoft Silverlight 2014-12-20 23:58 Microsoft SQL Server Compact Edition 2014-12-20 23:58 Microsoft Sync Framework 2014-12-20 23:58 Microsoft Synchronization Services 2014-12-20 23:58 Microsoft Visual Studio 8 2017-09-23 00:16 Microsoft.NET 2017-10-01 00:04 Mozilla Firefox 2017-06-17 22:20 Mozilla Maintenance Service 2017-09-23 00:19 MSBuild 2014-12-23 18:45 Pro Surveillance System(EN) 2015-01-04 22:37 Ray Adams 2015-01-18 21:25 Realtek 2017-09-23 01:06 Reference Assemblies 2015-11-26 20:26 Samsung 2016-03-04 20:33 Smart View 2017-10-01 18:23 Spybot - Search & Destroy 2 2015-02-06 15:53 Statica 2015-01-18 21:28 Temp 2017-09-19 19:48 TOSHIBA 2015-12-21 23:39 Toshiba TEMPRO 2017-07-11 07:47 Windows Defender 2017-09-23 02:19 Windows Mail 2017-09-23 00:16 Windows Media Player 2017-03-18 23:03 Windows Multimedia Platform 2017-03-18 23:03 Windows NT 2017-09-23 02:19 Windows Photo Viewer 2017-03-18 23:03 Windows Portable Devices 2017-03-18 23:03 Windows Sidebar 2017-03-18 23:03 WindowsPowerShell 2014-12-21 22:33 WinSplit Revolution 1 File(s) 174 bytes 56 Dir(s) 81˙178˙329˙088 bytes free ========= Koniec CMD: ========= ========= dir /a "C:\Program Files\Common Files\System" ========= Volume in drive C is System Volume Serial Number is BC6E-2E4D Directory of C:\Program Files\Common Files\System 2017-03-20 05:58 . 2017-03-20 05:58 .. 2017-07-11 07:47 ado 2017-03-18 22:59 32˙768 DirectDB.dll 2017-03-20 05:58 en-US 2017-03-20 05:58 msadc 2017-03-20 05:58 Ole DB 2017-03-20 05:58 pl-PL 2017-03-18 22:57 854˙528 wab32.dll 2017-03-18 22:57 964˙096 wab32res.dll 3 File(s) 1˙851˙392 bytes 7 Dir(s) 81˙178˙275˙840 bytes free ========= Koniec CMD: ========= ========= dir /a "C:\Program Files (x86)\Common Files\System" ========= Volume in drive C is System Volume Serial Number is BC6E-2E4D Directory of C:\Program Files (x86)\Common Files\System 2017-09-23 00:16 . 2017-09-23 00:16 .. 2017-07-11 07:47 ado 2017-03-18 22:59 27˙648 DirectDB.dll 2017-03-20 05:58 en-US 2017-03-20 05:58 msadc 2017-04-22 16:12 MSMAPI 2017-09-23 00:16 Ole DB 2017-03-20 05:58 pl-PL 2017-03-18 22:58 741˙888 wab32.dll 2017-03-18 22:58 964˙096 wab32res.dll 3 File(s) 1˙733˙632 bytes 8 Dir(s) 81˙178˙218˙496 bytes free ========= Koniec CMD: ========= ========= dir /a C:\ProgramData ========= Volume in drive C is System Volume Serial Number is BC6E-2E4D Directory of C:\ProgramData 2017-10-01 14:41 . 2017-10-01 14:41 .. 2017-02-06 23:01 Adobe 2015-01-04 17:35 AMD 2016-07-16 13:47 Comms 2015-10-12 18:28 CyberLink 2014-12-21 00:00 DAEMON Tools Lite 2014-12-17 08:29 Dane aplikacji [C:\ProgramData] 2015-12-19 02:46 DatacardService 2014-12-17 08:29 Dokumenty [C:\Users\Public\Documents] 2017-09-23 00:13 0 DP45977C.lfl 2016-06-16 19:45 19˙535 empty.ico 2014-12-18 01:26 GoodSync 2014-12-17 07:51 install_clap 2014-12-17 07:36 Intel 2014-12-17 09:09 IsolatedStorage 2017-10-01 14:10 Loaris 2017-09-30 23:59 Malwarebytes 2017-09-30 23:59 MB2Migration 2015-01-22 01:15 McAfee 2014-12-17 08:29 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 2014-12-28 21:15 MetaQuotes 2017-10-01 14:41 Microsoft 2017-09-18 20:43 Microsoft Help 2017-09-23 00:49 Microsoft OneDrive 2014-12-17 09:22 Mozilla 2016-10-26 17:57 Oracle 2016-04-27 18:44 Package Cache 2015-12-18 18:41 PLAY INTERNET 2014-12-17 08:29 Pulpit [C:\Users\Public\Desktop] 2017-09-23 00:21 regid.1991-06.com.microsoft 2015-11-26 20:26 Samsung 2014-12-19 00:36 SoftPerfect 2017-03-18 23:03 SoftwareDistribution 2017-10-02 22:34 Spybot - Search & Destroy 2015-08-23 23:58 SRS Labs 2017-09-28 20:22 Sumito Development 2014-12-17 23:20 Sun 2014-12-17 10:22 Synaptics 2014-12-17 08:29 Szablony [C:\ProgramData\Microsoft\Windows\Templates] 2014-12-17 07:51 Temp 2017-09-19 19:48 Toshiba 2014-12-17 09:09 TOSHIBA Tempro 2014-12-17 09:09 ToshibaEurope 2017-09-23 00:26 USOPrivate 2017-09-23 00:26 USOShared 2017-03-20 06:00 WindowsHolographicDevices 2 File(s) 19˙535 bytes 45 Dir(s) 81˙178˙161˙152 bytes free ========= Koniec CMD: ========= ========= dir /a C:\Users\Admin\AppData\Local ========= System nie moľe odnale«† okre˜lonej ˜cieľki. ========= Koniec CMD: ========= ========= dir /a C:\Users\Admin\AppData\LocalLow ========= System nie moľe odnale«† okre˜lonej ˜cieľki. ========= Koniec CMD: ========= ========= dir /a C:\Users\Admin\AppData\Roaming ========= System nie moľe odnale«† okre˜lonej ˜cieľki. ========= Koniec CMD: ========= ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= Koniec Powershell: ========= C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono Hosts pomyślnie przywrócono. ̩ => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia. =========== EmptyTemp: ========== BITS transfer queue => 6053888 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17996198 B Java, Flash, Steam htmlcache => 30017 B Windows/system/drivers => 116559 B Edge => 90618737 B Chrome => 0 B Firefox => 388609519 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 1536 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 6598 B NetworkService => 744622 B Wojtek => 145611708 B Julia i Pati.Wojtek-laptop => 512179 B RecycleBin => 4613 B EmptyTemp: => 620.2 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 22:16:29 ====