Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 02.01.2018 Uruchomiony przez rober (06-01-2018 13:53:55) Run:2 Uruchomiony z C:\Users\rober\Downloads Załadowane profile: rober (Dostępne profile: defaultuser0 & rober) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: HKLM\...\Run: [SERVICE] => [X] HKLM-x32\...\Run: [] => [X] HKLM\...\Run: [gplyra] => C:\Users\rober\AppData\Roaming\gplyra\gplyra\start.cmd [216 2017-01-10] () <==== UWAGA HKLM\...\RunOnce: [jszk04y42kt] => C:\Program Files (x86)\Multitimer\29624.exe [1218048 2018-01-06] () C:\Program Files (x86)\Multitimer C:\Users\rober\AppData\Roaming\gplyra HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe C:\WINDOWS\SECOH-QAD.exe GroupPolicy: Ograniczenia - Chrome <==== UWAGA HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [458523] => C:\Users\rober\AppData\Roaming\jbps4iyyfzr\dwocjul3tz2.exe [694074 2018-01-06] (DHjkdg ) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [7709177] => C:\Users\rober\AppData\Roaming\hpudlgkqwqd\zteijymg3ig.exe [694074 2018-01-06] (DHjkdg ) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [8280762] => C:\Users\rober\AppData\Roaming\mwfpyc40tib\cpu3tqdwm5e.exe [694074 2018-01-06] (DHjkdg ) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [236801] => C:\Users\rober\AppData\Roaming\zwhtfln5ddp\ryuof3jbn2l.exe [694074 2018-01-06] (DHjkdg ) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [6075359] => C:\Users\rober\AppData\Roaming\tfjld32vk15\qrnoiytfyyy.exe [694074 2018-01-06] (DHjkdg ) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [2007778] => C:\Users\rober\AppData\Roaming\jbmxjhlkiax\nfdvmc2pkhg.exe [694074 2018-01-06] (DHjkdg ) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [4068841] => C:\Users\rober\AppData\Roaming\om4inqqk0dk\y01inoxm2vs.exe [694074 2018-01-06] (DHjkdg ) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [1505690] => C:\Users\rober\AppData\Roaming\sin23ee1iy5\dted345boon.exe [694074 2018-01-06] (DHjkdg ) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [3148841] => C:\Users\rober\AppData\Roaming\p31gvnwjdni\fjepflo1zln.exe [694074 2018-01-06] (DHjkdg ) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [6051548] => C:\Users\rober\AppData\Roaming\dume00dobkr\iivlipm32ju.exe [694074 2018-01-06] (DHjkdg ) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [3204014] => C:\Users\rober\AppData\Roaming\zn44ekngj1w\4c3r1t1sksq.exe [694074 2018-01-06] (DHjkdg ) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [1UXBF7VRUCQ1LN7] => C:\Program Files\312GR4SIS4\312GR4SIS.exe [669184 2018-01-06] (BUMVPN) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [I7ZZTNRZNZI26IZ] => C:\Program Files\OZU7LPSW8F\OZU7LPSW8.exe [669184 2018-01-06] (BUMVPN) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [66213ASU3ATFJEX] => C:\Program Files\AX3I2LNG6X\AX3I2LNG6.exe [669184 2018-01-06] (BUMVPN) HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\...\Run: [3AXLA75QWGRR96B] => "C:\Program Files\1FG91MQVUM\1FG91MQVU.exe" C:\Users\rober\AppData\Roaming\jbps4iyyfzr C:\Users\rober\AppData\Roaming\hpudlgkqwqd C:\Users\rober\AppData\Roaming\mwfpyc40tib C:\Users\rober\AppData\Roaming\zwhtfln5ddp C:\Users\rober\AppData\Roaming\tfjld32vk15 C:\Users\rober\AppData\Roaming\jbmxjhlkiax C:\Users\rober\AppData\Roaming\om4inqqk0dk C:\Users\rober\AppData\Roaming\sin23ee1iy5 C:\Users\rober\AppData\Roaming\p31gvnwjdni C:\Users\rober\AppData\Roaming\dume00dobkr C:\Users\rober\AppData\Roaming\zn44ekngj1w C:\Program Files\312GR4SIS4 C:\Program Files\1FG91MQVUM Tcpip\..\Interfaces\{19bc2252-97f2-4732-a968-d5b2e8a913c2}: [NameServer] 82.163.142.8,95.211.158.136 HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ9Df0lc7ye1CLKAkM4jo69SCA5O5FkOioXeTPZGYEXqqTHtmJ9INgOeUSDyFgczmTxe_A-YfRrlKHiF_LNxop81s7dYYdqQ4bJAbNa-kSvlT6dpAf9cwFviuEJ07FnJFrNXJTHHht-HxnCBvsCFnO91K0Czw,, S2 service_box.exe; "C:\Program Files (x86)\System Native\Main Services\service_box.exe" [X] S3 updater; "C:\Program Files (x86)\System Native\Main Services\updater.exe" /runservice [X] S1 oahnmwqz; \??\C:\WINDOWS\system32\drivers\oahnmwqz.sys [X] 2018-01-06 12:44 - 2018-01-06 12:44 - 000003328 _____ C:\WINDOWS\System32\Tasks\LaCieS 2018-01-06 12:59 - 2018-01-06 12:59 - 000000000 ____D C:\Users\rober\AppData\Local\AdService 2018-01-06 12:44 - 2018-01-06 12:44 - 000000000 ____D C:\Users\rober\AppData\Local\Optimizer 2018-01-06 12:44 - 2018-01-06 12:44 - 000000000 ____D C:\Program Files (x86)\foldershare 2018-01-06 12:44 - 2018-01-06 12:44 - 000000000 ____D C:\Windat 2018-01-06 12:44 - 2018-01-06 12:44 - 000000000 ____D C:\Disk 2018-01-06 12:41 - 2018-01-06 12:42 - 000000000 ____D C:\Applications 2018-01-06 12:44 - 2018-01-06 12:44 - 000000000 ____D C:\Users\rober\AppData\Roaming\9aa9c57174cc460db233b7d85fa67383 2018-01-06 12:59 - 2018-01-06 12:59 - 000011568 _____ () C:\Users\rober\AppData\Local\InstallationConfiguration.xml 2018-01-06 12:42 - 2018-01-06 12:42 - 000140800 _____ () C:\Users\rober\AppData\Local\installer.dat 2018-01-06 12:59 - 2018-01-06 12:59 - 000930816 _____ () C:\Users\rober\AppData\Local\po.db Task: {DD2EBD9D-55DB-46CE-8C82-6B5854F5ADFF} - System32\Tasks\{79087A47-040C-787D-0911-0E7A05041104} => C:\WINDOWS\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ACAAOwA7ADsAIAAgADsAIAAgADsAIAA7ACAAOwA7ACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcAUAByAGUA (dane warto�ci zawieraj� 9984 znak�w wi�cej). <==== UWAGA Task: {3A27DC34-828A-4D19-95DC-1EE5109F0B60} - System32\Tasks\BcyoMZkjXMgFaPP2 => rundll32 "C:\Program Files (x86)\umkISPBbU\lcsJvU.dll",#1 Task: {3A778ED2-68C4-458A-9F6C-B4F5FA5CB781} - System32\Tasks\saKXaLnxQURzlMgex2 => rundll32 "C:\Program Files (x86)\RrHYXuUpocPTIXdsppR\bkEGUze.dll",#1 Task: {55F70757-A2F9-4C40-AD5B-52BCEC7C362A} - System32\Tasks\pnIxobGIUDXdNt => rundll32 "C:\Program Files (x86)\TwPufLOWyrxU2\blGcZsqJfvdUO.dll",#1 Task: {6C7D5F18-F1BD-4A83-83D4-01158636FC38} - System32\Tasks\plaAVjRQXWCDePSecyr2 => rundll32 "C:\Program Files (x86)\aohGTEheqdnWC\MduDQxt.dll",#1 Task: {95A34E05-D4FB-438F-B073-63E5E40280CD} - System32\Tasks\plaAVjRQXWCDePSecyr => rundll32 "C:\Program Files (x86)\aohGTEheqdnWC\MduDQxt.dll",#1 Task: {9F90BEA2-B617-4140-AE3A-7554A1AB323D} - System32\Tasks\BcyoMZkjXMgFaPP => rundll32 "C:\Program Files (x86)\umkISPBbU\lcsJvU.dll",#1 Task: {C7F6B99E-AA8E-4071-A0B0-FCF13F3F872D} - System32\Tasks\saKXaLnxQURzlMgex => rundll32 "C:\Program Files (x86)\RrHYXuUpocPTIXdsppR\bkEGUze.dll",#1 Task: C:\WINDOWS\Tasks\BcyoMZkjXMgFaPP.job => C:\Program Files (x86)\umkISPBbU\lcsJvU.dll Task: C:\WINDOWS\Tasks\plaAVjRQXWCDePSecyr.job => C:\Program Files (x86)\aohGTEheqdnWC\MduDQxt.dll Task: C:\WINDOWS\Tasks\saKXaLnxQURzlMgex.job => C:\Program Files (x86)\RrHYXuUpocPTIXdsppR\bkEGUze.dll Task: {A32CD1B1-6267-43DC-837B-9E18DEAB3613} - System32\Tasks\Areary Page Fix => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Areary Page Fix\Areary Page Fix.dll",SsWffym <==== UWAGA C:\Program Files\Areary Page Fix C:\Program Files (x86)\umkISPBbU C:\Program Files (x86)\RrHYXuUpocPTIXdsppR C:\Program Files (x86)\TwPufLOWyrxU2 C:\Program Files (x86)\aohGTEheqdnWC Task: {A32CD1B1-6267-43DC-837B-9E18DEAB3613} - System32\Tasks\Areary Page Fix => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Areary Page Fix\Areary Page Fix.dll",SsWffym <==== UWAGA C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent uaktualnienia do systemu Windows 10.lnk C:\Users\rober\Desktop\Google Chrome.lnk C:\Users\rober\AppData\Roaming\Microsoft\Windows\Start Menu\Music Challenge.lnk C:\Users\rober\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk C:\Users\rober\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G?ogle ?hrom?.lnk C:\Users\rober\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G??gle ?hr?m?.lnk C:\Users\rober\AppData\Roaming\Browsers C:\Program Files (x86)\Google\Chrome C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome C:\Users\rober\AppData\Local\Google\Chrome DeleteKey: HKCU\Software\Google\Chrome DeleteKey: HKCU\Software\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D} DeleteKey: HKCU\Software\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96} DeleteKey: HKLM\SOFTWARE\Google\Chrome DeleteKey: HKLM\SOFTWARE\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D} DeleteKey: HKLM\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96} DeleteKey: HKLM\SOFTWARE\Wow6432Node\Google\Chrome DeleteKey: HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D} DeleteKey: HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96} CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a "C:\Program Files\Common Files\System" CMD: dir /a "C:\Program Files (x86)\Common Files\System" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\rober\AppData\Local CMD: dir /a C:\Users\rober\AppData\LocalLow CMD: dir /a C:\Users\rober\AppData\Roaming CMD: netsh advfirewall reset CMD: ipconfig /flushdns Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SERVICE" => nie znaleziono "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => nie znaleziono "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gplyra" => nie znaleziono "HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\jszk04y42kt" => nie znaleziono "C:\Program Files (x86)\Multitimer" => nie znaleziono "C:\Users\rober\AppData\Roaming\gplyra" => nie znaleziono HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => klucz nie znaleziono HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe => klucz nie znaleziono "C:\WINDOWS\SECOH-QAD.exe" => nie znaleziono "C:\WINDOWS\system32\GroupPolicy\Machine" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\458523" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\7709177" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\8280762" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\236801" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\6075359" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\2007778" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\4068841" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\1505690" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\3148841" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\6051548" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\3204014" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\1UXBF7VRUCQ1LN7" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\I7ZZTNRZNZI26IZ" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\66213ASU3ATFJEX" => nie znaleziono "HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Windows\CurrentVersion\Run\\3AXLA75QWGRR96B" => nie znaleziono "C:\Users\rober\AppData\Roaming\jbps4iyyfzr" => nie znaleziono "C:\Users\rober\AppData\Roaming\hpudlgkqwqd" => nie znaleziono "C:\Users\rober\AppData\Roaming\mwfpyc40tib" => nie znaleziono "C:\Users\rober\AppData\Roaming\zwhtfln5ddp" => nie znaleziono "C:\Users\rober\AppData\Roaming\tfjld32vk15" => nie znaleziono "C:\Users\rober\AppData\Roaming\jbmxjhlkiax" => nie znaleziono "C:\Users\rober\AppData\Roaming\om4inqqk0dk" => nie znaleziono "C:\Users\rober\AppData\Roaming\sin23ee1iy5" => nie znaleziono "C:\Users\rober\AppData\Roaming\p31gvnwjdni" => nie znaleziono "C:\Users\rober\AppData\Roaming\dume00dobkr" => nie znaleziono "C:\Users\rober\AppData\Roaming\zn44ekngj1w" => nie znaleziono "C:\Program Files\312GR4SIS4" => nie znaleziono "C:\Program Files\1FG91MQVUM" => nie znaleziono "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{19bc2252-97f2-4732-a968-d5b2e8a913c2}\\NameServer" => nie znaleziono HKU\S-1-5-21-2179461822-2610717262-2476200935-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono service_box.exe => serwis nie znaleziono. updater => serwis nie znaleziono. oahnmwqz => serwis nie znaleziono. "C:\WINDOWS\System32\Tasks\LaCieS" => nie znaleziono "C:\Users\rober\AppData\Local\AdService" => nie znaleziono "C:\Users\rober\AppData\Local\Optimizer" => nie znaleziono "C:\Program Files (x86)\foldershare" => nie znaleziono "C:\Windat" => nie znaleziono "C:\Disk" => nie znaleziono "C:\Applications" => nie znaleziono "C:\Users\rober\AppData\Roaming\9aa9c57174cc460db233b7d85fa67383" => nie znaleziono "C:\Users\rober\AppData\Local\InstallationConfiguration.xml" => nie znaleziono "C:\Users\rober\AppData\Local\installer.dat" => nie znaleziono "C:\Users\rober\AppData\Local\po.db" => nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD2EBD9D-55DB-46CE-8C82-6B5854F5ADFF} => klucz nie znaleziono "C:\WINDOWS\System32\Tasks\{79087A47-040C-787D-0911-0E7A05041104}" => nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{79087A47-040C-787D-0911-0E7A05041104} => klucz nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A27DC34-828A-4D19-95DC-1EE5109F0B60} => klucz nie znaleziono "C:\WINDOWS\System32\Tasks\BcyoMZkjXMgFaPP2" => nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BcyoMZkjXMgFaPP2 => klucz nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A778ED2-68C4-458A-9F6C-B4F5FA5CB781} => klucz nie znaleziono "C:\WINDOWS\System32\Tasks\saKXaLnxQURzlMgex2" => nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\saKXaLnxQURzlMgex2 => klucz nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55F70757-A2F9-4C40-AD5B-52BCEC7C362A} => klucz nie znaleziono "C:\WINDOWS\System32\Tasks\pnIxobGIUDXdNt" => nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pnIxobGIUDXdNt => klucz nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C7D5F18-F1BD-4A83-83D4-01158636FC38} => klucz nie znaleziono "C:\WINDOWS\System32\Tasks\plaAVjRQXWCDePSecyr2" => nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\plaAVjRQXWCDePSecyr2 => klucz nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95A34E05-D4FB-438F-B073-63E5E40280CD} => klucz nie znaleziono "C:\WINDOWS\System32\Tasks\plaAVjRQXWCDePSecyr" => nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\plaAVjRQXWCDePSecyr => klucz nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F90BEA2-B617-4140-AE3A-7554A1AB323D} => klucz nie znaleziono "C:\WINDOWS\System32\Tasks\BcyoMZkjXMgFaPP" => nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BcyoMZkjXMgFaPP => klucz nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7F6B99E-AA8E-4071-A0B0-FCF13F3F872D} => klucz nie znaleziono "C:\WINDOWS\System32\Tasks\saKXaLnxQURzlMgex" => nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\saKXaLnxQURzlMgex => klucz nie znaleziono "C:\WINDOWS\Tasks\BcyoMZkjXMgFaPP.job" => nie znaleziono "C:\WINDOWS\Tasks\plaAVjRQXWCDePSecyr.job" => nie znaleziono "C:\WINDOWS\Tasks\saKXaLnxQURzlMgex.job" => nie znaleziono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{A32CD1B1-6267-43DC-837B-9E18DEAB3613}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A32CD1B1-6267-43DC-837B-9E18DEAB3613}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Areary Page Fix => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Areary Page Fix" => pomyślnie usunięto C:\Program Files\Areary Page Fix => pomyślnie przeniesiono "C:\Program Files (x86)\umkISPBbU" => nie znaleziono "C:\Program Files (x86)\RrHYXuUpocPTIXdsppR" => nie znaleziono "C:\Program Files (x86)\TwPufLOWyrxU2" => nie znaleziono "C:\Program Files (x86)\aohGTEheqdnWC" => nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A32CD1B1-6267-43DC-837B-9E18DEAB3613} => klucz nie znaleziono "C:\WINDOWS\System32\Tasks\Areary Page Fix" => nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Areary Page Fix => klucz nie znaleziono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent uaktualnienia do systemu Windows 10.lnk => pomyślnie przeniesiono C:\Users\rober\Desktop\Google Chrome.lnk => pomyślnie przeniesiono C:\Users\rober\AppData\Roaming\Microsoft\Windows\Start Menu\Music Challenge.lnk => pomyślnie przeniesiono C:\Users\rober\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => pomyślnie przeniesiono "C:\Users\rober\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G?ogle ?hrom?.lnk" => nie znaleziono "C:\Users\rober\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G??gle ?hr?m?.lnk" => nie znaleziono "C:\Users\rober\AppData\Roaming\Browsers" => nie znaleziono C:\Program Files (x86)\Google\Chrome => pomyślnie przeniesiono "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome" => nie znaleziono C:\Users\rober\AppData\Local\Google\Chrome => pomyślnie przeniesiono "HKCU\Software\Google\Chrome" => pomyślnie usunięto HKCU\Software\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D} => klucz nie znaleziono "HKCU\Software\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}" => pomyślnie usunięto "HKLM\SOFTWARE\Google\Chrome" => pomyślnie usunięto "HKLM\SOFTWARE\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}" => nie znaleziono "HKLM\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}" => nie znaleziono "HKLM\SOFTWARE\Wow6432Node\Google\Chrome" => pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D} => klucz nie znaleziono "HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}" => pomyślnie usunięto ========= dir /a "C:\Program Files" ========= Volume in drive C has no label. Volume Serial Number is A004-DD64 Directory of C:\Program Files 06.01.2018 13:54 . 06.01.2018 13:54 .. 30.04.2017 06:59 7-Zip 06.01.2018 12:44 Adobe 23.05.2017 22:53 AMD 06.01.2018 12:48 AX3I2LNG6X 03.10.2017 20:35 Bandizip 15.12.2017 22:42 Common Files 18.03.2017 22:01 174 desktop.ini 30.04.2017 07:08 GIMP 2 30.04.2017 07:05 HP 06.01.2018 12:13 Internet Explorer 30.04.2017 07:17 IrfanView 21.06.2017 15:03 KMSpico 06.01.2018 12:44 LaCie Private Public 01.10.2017 17:10 Logitech 30.04.2017 18:42 MATLAB 30.04.2017 07:27 Microsoft Office 30.04.2017 07:04 Microsoft Office 15 06.10.2017 05:37 Microsoft Silverlight 23.05.2017 23:47 MSBuild 03.10.2017 21:05 National Instruments 30.04.2017 07:14 Notepad++ 23.12.2017 17:38 Opera 06.01.2018 12:46 OZU7LPSW8F 30.04.2017 07:18 R 23.05.2017 23:47 Reference Assemblies 30.04.2017 07:21 RStudio 06.01.2018 12:44 Uninstall Information 23.05.2017 22:53 VIA 12.07.2017 10:20 Windows Defender 20.03.2017 05:00 Windows Defender Advanced Threat Protection 01.10.2017 17:03 Windows Mail 13.12.2017 15:44 Windows Media Player 18.03.2017 22:03 Windows Multimedia Platform 23.05.2017 23:01 Windows NT 17.11.2017 00:44 Windows Photo Viewer 18.03.2017 22:03 Windows Portable Devices 18.03.2017 22:03 Windows Security 18.03.2017 22:03 Windows Sidebar 05.01.2018 17:07 WindowsApps 18.03.2017 22:03 WindowsPowerShell 1 File(s) 174 bytes 41 Dir(s) 32˙326˙840˙320 bytes free ========= Koniec CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Volume in drive C has no label. Volume Serial Number is A004-DD64 Directory of C:\Program Files (x86) 06.01.2018 13:53 . 06.01.2018 13:53 .. 15.12.2017 22:40 Adobe 23.05.2017 22:53 AMD 30.04.2017 07:20 Ares 04.07.2017 22:19 Ashampoo 30.04.2017 07:23 Brackets 14.10.2017 19:29 ChomikBox 03.10.2017 21:08 Common Files 18.03.2017 22:01 174 desktop.ini 07.12.2017 00:28 Dropbox 06.01.2018 13:54 Google 30.04.2017 07:05 HP 06.01.2018 12:13 Internet Explorer 18.12.2017 15:57 IQBoard IRx Drivers V8.0 03.10.2017 21:08 JKI 30.04.2017 06:56 Microsoft Analysis Services 30.04.2017 07:29 Microsoft Office 06.10.2017 05:37 Microsoft Silverlight 17.06.2017 10:30 Microsoft SQL Server 17.06.2017 10:30 Microsoft.NET 06.01.2018 12:45 Mozilla Firefox 06.01.2018 12:45 Mozilla Maintenance Service 23.05.2017 23:47 MSBuild 03.10.2017 21:07 National Instruments 23.05.2017 23:47 Reference Assemblies 10.05.2017 13:43 Simplenote 30.04.2017 07:11 VideoLAN 12.07.2017 10:20 Windows Defender 01.10.2017 17:03 Windows Mail 13.12.2017 15:44 Windows Media Player 18.03.2017 22:03 Windows Multimedia Platform 18.03.2017 22:03 Windows NT 17.11.2017 00:44 Windows Photo Viewer 18.03.2017 22:03 Windows Portable Devices 18.03.2017 22:03 Windows Sidebar 18.03.2017 22:03 WindowsPowerShell 06.01.2018 12:44 XzHPrxtn9FTi 06.01.2018 12:44 XzHPrxtn9FTi Updater 18.12.2017 15:58 YACReader 1 File(s) 174 bytes 39 Dir(s) 32˙326˙836˙224 bytes free ========= Koniec CMD: ========= ========= dir /a "C:\Program Files\Common Files\System" ========= Volume in drive C has no label. Volume Serial Number is A004-DD64 Directory of C:\Program Files\Common Files\System 20.03.2017 04:58 . 20.03.2017 04:58 .. 23.05.2017 23:50 ado 18.03.2017 21:59 32˙768 DirectDB.dll 20.03.2017 04:58 en-US 20.03.2017 04:58 msadc 20.03.2017 04:58 Ole DB 20.03.2017 04:58 pl-PL 18.03.2017 21:57 854˙528 wab32.dll 18.03.2017 21:57 964˙096 wab32res.dll 3 File(s) 1˙851˙392 bytes 7 Dir(s) 32˙326˙836˙224 bytes free ========= Koniec CMD: ========= ========= dir /a "C:\Program Files (x86)\Common Files\System" ========= Volume in drive C has no label. Volume Serial Number is A004-DD64 Directory of C:\Program Files (x86)\Common Files\System 17.06.2017 10:28 . 17.06.2017 10:28 .. 23.05.2017 23:50 ado 18.03.2017 21:59 27˙648 DirectDB.dll 20.03.2017 04:58 en-US 20.03.2017 04:58 msadc 17.06.2017 10:28 MSMAPI 17.06.2017 10:30 Ole DB 20.03.2017 04:58 pl-PL 18.03.2017 21:58 741˙888 wab32.dll 18.03.2017 21:58 964˙096 wab32res.dll 3 File(s) 1˙733˙632 bytes 8 Dir(s) 32˙326˙836˙224 bytes free ========= Koniec CMD: ========= ========= dir /a C:\ProgramData ========= Volume in drive C has no label. Volume Serial Number is A004-DD64 Directory of C:\ProgramData 06.01.2018 13:11 . 06.01.2018 13:11 .. 15.12.2017 22:35 Adobe 17.05.2017 08:15 AMD 30.04.2017 07:05 57 Ament.ini 04.07.2017 22:20 Ashampoo 19.12.2017 18:53 boost_interprocess 29.04.2017 21:49 Comms 30.04.2017 15:37 Dane aplikacji [C:\ProgramData] 30.04.2017 15:37 Dokumenty [C:\Users\Public\Documents] 30.04.2017 06:59 Dropbox 30.04.2017 07:05 HP 04.10.2017 19:11 JKI 01.10.2017 17:10 Logishrd 01.10.2017 17:11 Logitech 30.04.2017 15:37 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 03.10.2017 21:03 Microsoft 03.01.2018 15:40 Microsoft Help 23.05.2017 23:03 Microsoft OneDrive 29.10.2017 17:36 National Instruments 06.01.2018 13:11 5˙260 ntuser.pol 14.12.2017 21:44 Package Cache 30.04.2017 15:37 Pulpit [C:\Users\Public\Desktop] 14.12.2017 22:33 regid.1986-12.com.adobe 17.06.2017 10:29 regid.1991-06.com.microsoft 18.03.2017 22:03 SoftwareDistribution 06.01.2018 12:45 System Native 30.04.2017 15:37 Szablony [C:\ProgramData\Microsoft\Windows\Templates] 23.05.2017 23:07 USOPrivate 23.05.2017 23:07 USOShared 20.03.2017 05:00 WindowsHolographicDevices 2 File(s) 5˙317 bytes 29 Dir(s) 32˙326˙832˙128 bytes free ========= Koniec CMD: ========= ========= dir /a C:\Users\rober\AppData\Local ========= Volume in drive C has no label. Volume Serial Number is A004-DD64 Directory of C:\Users\rober\AppData\Local 06.01.2018 13:53 . 06.01.2018 13:53 .. 14.12.2017 21:57 319˙553˙372 ACCCx4_3_0_256.zip.aamdownload 14.12.2017 21:57 3˙567 ACCCx4_3_0_256.zip.aamdownload.aamd 06.01.2018 12:18 Adobe 18.12.2017 15:56 Amazon 03.05.2017 12:17 AMD 30.04.2017 07:20 Ares 30.04.2017 07:01 ashampoo 30.04.2017 06:51 CEF 15.10.2017 15:03 ChomikBox 30.04.2017 18:37 Comms 23.05.2017 23:03 ConnectedDevicesPlatform 23.05.2017 22:54 Dane aplikacji [C:\Users\rober\AppData\Local] 04.06.2017 21:52 DBG 30.07.2017 08:43 Diagnostics 10.11.2017 07:35 Dropbox 23.06.2017 11:37 Facebook 06.01.2018 13:54 Google 30.04.2017 07:01 GrammarlyForWindows 23.05.2017 22:54 Historia [C:\Users\rober\AppData\Local\Microsoft\Windows\History] 30.04.2017 07:07 HP 06.01.2018 13:16 127˙308 IconCache.db 12.07.2017 14:14 LocalStorage 30.04.2017 19:37 MathWorks 24.10.2017 23:37 Microsoft 30.04.2017 06:55 Microsoft Help 30.04.2017 06:44 MicrosoftEdge 26.10.2017 20:22 Mozilla 18.12.2017 12:53 173 msmathematics.qat.rober 03.10.2017 21:54 National Instruments 01.05.2017 13:37 NetworkTiles 06.01.2018 13:11 OneSystemCare 30.04.2017 07:14 Opera Software 30.04.2017 07:16 Package Cache 06.01.2018 00:00 Packages 30.04.2017 07:07 PackageStaging 30.04.2017 06:45 PeerDistRepub 04.12.2017 11:02 Pergamon-MED 30.04.2017 07:16 Programs 30.04.2017 06:40 Publishers 19.12.2017 22:57 RStudio-Desktop 03.11.2017 21:09 Spotify 30.04.2017 07:01 SquirrelTemp 06.01.2018 13:53 Temp 23.05.2017 22:54 Temporary Internet Files [C:\Users\rober\AppData\Local\Microsoft\Windows\INetCache] 30.04.2017 06:40 TileDataLayer 30.04.2017 07:23 VirtualStore 19.12.2017 22:07 45˙056 WebpageIcons.db 19.11.2017 14:27 YACReader 5 File(s) 319˙729˙476 bytes 45 Dir(s) 32˙326˙832˙128 bytes free ========= Koniec CMD: ========= ========= dir /a C:\Users\rober\AppData\LocalLow ========= Volume in drive C has no label. Volume Serial Number is A004-DD64 Directory of C:\Users\rober\AppData\LocalLow 27.12.2017 17:42 . 27.12.2017 17:42 .. 30.04.2017 06:51 Adobe 30.04.2017 06:46 AMD 03.10.2017 21:03 Microsoft 06.01.2018 12:43 Mozilla 01.05.2017 10:17 Temp 06.01.2018 12:36 uTorrent 0 File(s) 0 bytes 8 Dir(s) 32˙326˙832˙128 bytes free ========= Koniec CMD: ========= ========= dir /a C:\Users\rober\AppData\Roaming ========= Volume in drive C has no label. Volume Serial Number is A004-DD64 Directory of C:\Users\rober\AppData\Roaming 06.01.2018 13:53 . 06.01.2018 13:53 .. 02.01.2018 01:00 Adobe 19.11.2017 14:43 AdobeUM 30.04.2017 07:01 Ashampoo 02.06.2017 09:35 Brackets 30.04.2017 07:00 Dropbox 18.12.2017 12:55 GeoGebra 30.04.2017 06:46 Google 30.04.2017 07:01 Grammarly 30.04.2017 07:17 IrfanView 01.10.2017 17:10 Logishrd 01.10.2017 17:10 Logitech 30.04.2017 06:51 Macromedia 30.04.2017 19:33 MathWorks 29.10.2017 17:23 Microsoft 27.12.2017 17:22 Mozilla 30.04.2017 07:14 Notepad++ 30.04.2017 07:14 Opera Software 19.12.2017 22:57 RStudio 02.01.2018 01:00 Simplenote 30.04.2017 06:42 Skype 03.11.2017 20:08 Spotify 30.04.2017 19:37 Subversion 06.01.2018 12:41 System Native 06.01.2018 13:11 ubfqj1twdfz 06.01.2018 13:10 uTorrent 06.01.2018 13:10 vlc 06.01.2018 13:48 z232ea1u3ng 0 File(s) 0 bytes 29 Dir(s) 32˙326˙828˙032 bytes free ========= Koniec CMD: ========= ========= netsh advfirewall reset ========= Ok. ========= Koniec CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= Koniec CMD: ========= ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= Koniec Powershell: ========= =========== EmptyTemp: ========== BITS transfer queue => 8151040 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11189980 B Java, Flash, Steam htmlcache => 510 B Windows/system/drivers => 8302974 B Edge => 14038367 B Chrome => 0 B Firefox => 160412437 B Opera => 47280993 B Temp, IE cache, history, cookies, recent: Default => 6656 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 25091 B systemprofile32 => 128 B LocalService => 17976 B NetworkService => 509940 B defaultuser0 => 7168 B rober => 8359016275 B RecycleBin => 85307096 B EmptyTemp: => 8.1 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 13:58:23 ====