Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 12.02.2018
Uruchomiony przez pklos (13-02-2018 20:08:39) Run:1
Uruchomiony z C:\Users\pklos\Downloads
Załadowane profile: pklos (Dostępne profile: pklos)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
C:\Users\pklos\Documents\INTERsoft\ArCADia-START\6.5 PL\Print Styles\Create a Print Style Table.lnk 
C:\Users\pklos\Desktop\Auslogics DiskDefrag.lnk 
CustomCLSID: HKU\S-1-5-21-1307399746-3321642949-2734818087-1001_Classes\CLSID\{49E0BE0A-39E0-4932-B7BE-F249D56ACD31}\InprocServer32 -> csp16.dll => Brak pliku
Task: {27D13405-9702-4343-A295-DC4497BCFA05} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
HKLM\...\Run: [SERVICE] => [X]
HKLM\...\RunOnce: [x4zzmy5u5ag] => C:\Program Files (x86)\ccc\ccc.exe [670208 2018-02-11] ()
HKLM\...\RunOnce: [pqgyl4fam1f] => C:\Program Files (x86)\ccc\ccc.exe [670208 2018-02-11] ()
C:\Program Files (x86)\ccc
HKU\S-1-5-21-1307399746-3321642949-2734818087-1001\...\Policies\Explorer: [] 
AppInit_DLLs: C:\ProgramData\Quoteex\Dripranfix.dll => Brak pliku
AppInit_DLLs-x32: C:\ProgramData\Quoteex\Driptech.dll => Brak pliku
C:\ProgramData\Quoteex
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
HKU\S-1-5-21-1307399746-3321642949-2734818087-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
HKU\S-1-5-21-1307399746-3321642949-2734818087-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYrAlKCo1kNn6F9vcF55hOQj6P9k6WrOGoLccoB77SOD-E_nl2Ja0e9z4E-Qq7umdnTrL2pKx7ADSs5fDKilpQ7nI8Q25B1bt_NZg30rpdle0ZkmtmGbGvA5MPWKWXvnZmv6g887a8EvGLsc9RoH_gzqAijFw,,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
FF NewTab: Mozilla\Firefox\Profiles\34v2zedf.default -> C:\\ProgramData\\Quoteexs\\ff.NT
CHR StartupUrls: Default -> "hxxps://search.safefinder.com/?st=sc&q="
S1 elauxnoe; \??\C:\WINDOWS\system32\drivers\elauxnoe.sys [X]
S1 fndzutse; \??\C:\WINDOWS\system32\drivers\fndzutse.sys [X]
2018-02-11 22:55 - 2018-02-11 22:55 - 007576064 _____ () C:\Users\pklos\AppData\Local\agent.dat
2018-02-11 22:55 - 2018-02-11 22:55 - 000070896 _____ () C:\Users\pklos\AppData\Local\Config.xml
2018-02-11 22:55 - 2018-02-11 22:55 - 000140800 _____ () C:\Users\pklos\AppData\Local\installer.dat
2018-02-11 22:55 - 2018-02-11 22:55 - 000005568 _____ () C:\Users\pklos\AppData\Local\md.xml
2018-02-11 22:55 - 2018-02-11 22:55 - 000126464 _____ () C:\Users\pklos\AppData\Local\noah.dat
2018-02-11 22:55 - 2018-02-11 22:55 - 000278509 _____ () C:\Users\pklos\AppData\Local\Rankronstring.tst
2018-02-11 22:55 - 2018-02-11 22:55 - 001983026 _____ () C:\Users\pklos\AppData\Local\Subhome.tst
Tcpip\..\Interfaces\{2cc371c0-e1e4-4191-ad71-68a0ab659df2}: [NameServer] 82.163.142.8,95.211.158.136
Tcpip\..\Interfaces\{6997474f-c083-4230-bc4d-cdf004e68961}: [NameServer] 82.163.142.8,95.211.158.136
CMD: ipconfig /flushdns
VirusTotal: C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a "C:\Program Files\Common Files\System"
CMD: dir /a "C:\Program Files (x86)\Common Files\System"
CMD: dir /a C:\ProgramData
CMD: dir /a C:\Users\pklos\AppData\Local
CMD: dir /a C:\Users\pklos\AppData\LocalLow
CMD: dir /a C:\Users\pklos\AppData\Roaming
Hosts:
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
C:\Users\pklos\Documents\INTERsoft\ArCADia-START\6.5 PL\Print Styles\Create a Print Style Table.lnk => pomyślnie przeniesiono
C:\Users\pklos\Desktop\Auslogics DiskDefrag.lnk => pomyślnie przeniesiono
"HKU\S-1-5-21-1307399746-3321642949-2734818087-1001_Classes\CLSID\{49E0BE0A-39E0-4932-B7BE-F249D56ACD31}" => pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27D13405-9702-4343-A295-DC4497BCFA05} => niepowodzenie przy usuwaniu klucz. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27D13405-9702-4343-A295-DC4497BCFA05} => niepowodzenie przy usuwaniu klucz. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => niepowodzenie przy usuwaniu klucz. ErrorCode1: 0x00000001
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SERVICE" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\x4zzmy5u5ag" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\pqgyl4fam1f" => pomyślnie usunięto
C:\Program Files (x86)\ccc => pomyślnie przeniesiono
"HKU\S-1-5-21-1307399746-3321642949-2734818087-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => pomyślnie usunięto
"C:\ProgramData\Quoteex\Dripranfix.dll" => Dane wartości pomyślnie usunięto
"C:\ProgramData\Quoteex\Driptech.dll" => Dane wartości pomyślnie usunięto
"C:\ProgramData\Quoteex" => nie znaleziono
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\OSppSvc.exe" => pomyślnie usunięto
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe" => pomyślnie usunięto
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Wartość pomyślnie przywrócono
C:\WINDOWS\system32\GroupPolicy\Machine => pomyślnie przeniesiono
C:\WINDOWS\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
"HKU\S-1-5-21-1307399746-3321642949-2734818087-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => pomyślnie usunięto
HKU\S-1-5-21-1307399746-3321642949-2734818087-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
"Firefox newtab" => pomyślnie usunięto
"Chrome StartupUrls" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\elauxnoe" => pomyślnie usunięto
elauxnoe => serwis pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\fndzutse" => pomyślnie usunięto
fndzutse => serwis pomyślnie usunięto
C:\Users\pklos\AppData\Local\agent.dat => pomyślnie przeniesiono
C:\Users\pklos\AppData\Local\Config.xml => pomyślnie przeniesiono
C:\Users\pklos\AppData\Local\installer.dat => pomyślnie przeniesiono
C:\Users\pklos\AppData\Local\md.xml => pomyślnie przeniesiono
C:\Users\pklos\AppData\Local\noah.dat => pomyślnie przeniesiono
C:\Users\pklos\AppData\Local\Rankronstring.tst => pomyślnie przeniesiono
C:\Users\pklos\AppData\Local\Subhome.tst => pomyślnie przeniesiono
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2cc371c0-e1e4-4191-ad71-68a0ab659df2}\\NameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6997474f-c083-4230-bc4d-cdf004e68961}\\NameServer" => pomyślnie usunięto

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= Koniec  CMD: =========

VirusTotal: C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe => https://www.virustotal.com/file/ce9fe2fc90e69ae640de53b677098e77ddfe6eac64e4db1544cccce0a01fb06c/analysis/1510314619/

========= dir /a "C:\Program Files" =========

 Volume in drive C has no label.
 Volume Serial Number is DC33-D2C5

 Directory of C:\Program Files

12.02.2018  22:05    <DIR>          .
12.02.2018  22:05    <DIR>          ..
08.04.2016  10:04    <DIR>          7-Zip
19.12.2017  19:58    <DIR>          AMD
18.10.2017  20:41    <DIR>          Android
09.04.2017  22:40    <DIR>          Apache Software Foundation
17.02.2016  02:08    <DIR>          Application Verifier
19.12.2017  21:04    <DIR>          ATI Technologies
21.02.2017  11:29    <DIR>          Autodesk
23.04.2017  08:29    <DIR>          Boris FX, Inc
13.09.2016  08:55    <DIR>          CCleaner
19.12.2017  20:52    <DIR>          Common Files
16.02.2016  11:27    <DIR>          DAEMON Tools Lite
29.09.2017  14:44               174 desktop.ini
04.12.2017  10:06    <DIR>          dotnet
12.10.2017  15:07    <DIR>          FileZilla FTP Client
28.03.2016  13:00    <DIR>          GIMP 2
15.03.2017  12:52    <DIR>          Git
16.02.2016  20:37    <DIR>          HWiNFO64
19.12.2017  20:52    <DIR>          IIS
04.12.2017  10:11    <DIR>          IIS Express
26.07.2017  22:57    <DIR>          Inkscape
22.12.2017  10:08    <DIR>          internet explorer
18.01.2018  19:28    <DIR>          Java
18.10.2017  20:47    <DIR>          JetBrains
04.12.2017  10:06    <DIR>          Microsoft ASP.NET Core Runtime Package Store
26.11.2016  01:10    <DIR>          Microsoft Office
26.11.2016  01:11    <DIR>          Microsoft Office 15
04.12.2017  10:12    <DIR>          Microsoft SDKs
15.06.2017  11:29    <DIR>          Microsoft Silverlight
05.06.2017  21:05    <DIR>          Microsoft SQL Server
17.02.2016  00:13    <DIR>          Microsoft SQL Server Compact Edition
02.09.2016  17:00    <DIR>          MPC-HC
19.12.2017  19:43    <DIR>          MSBuild
22.09.2017  21:34    <DIR>          MySQL
12.02.2018  22:05    <DIR>          nodejs
12.02.2018  22:54    <DIR>          Opera
11.02.2018  22:10    <DIR>          Oracle
17.02.2017  14:47    <DIR>          QGIS 2.18
19.12.2017  19:43    <DIR>          Reference Assemblies
08.12.2017  11:03    <DIR>          rempl
16.02.2016  12:01    <DIR>          TeamSpeak 3 Client
16.02.2016  01:40    <DIR>          Uninstall Information
19.12.2017  20:52    <DIR>          UNP
04.12.2017  10:12    <DIR>          VS2010Schemas
04.12.2017  10:12    <DIR>          VS2012Schemas
22.12.2017  10:08    <DIR>          Windows Defender
19.12.2017  19:58    <DIR>          Windows Mail
30.09.2017  15:29    <DIR>          Windows Media Player
29.09.2017  14:46    <DIR>          Windows Multimedia Platform
19.12.2017  21:30    <DIR>          windows nt
30.09.2017  15:28    <DIR>          Windows Photo Viewer
29.09.2017  14:46    <DIR>          Windows Portable Devices
29.09.2017  14:46    <DIR>          Windows Security
29.09.2017  14:46    <DIR>          Windows Sidebar
13.02.2018  18:30    <DIR>          WindowsApps
29.09.2017  14:46    <DIR>          WindowsPowerShell
               1 File(s)            174 bytes
              56 Dir(s)  29˙151˙178˙752 bytes free

========= Koniec  CMD: =========


========= dir /a "C:\Program Files (x86)" =========

 Volume in drive C has no label.
 Volume Serial Number is DC33-D2C5

 Directory of C:\Program Files (x86)

13.02.2018  20:09    <DIR>          .
13.02.2018  20:09    <DIR>          ..
27.07.2017  10:59    <DIR>          ActiveState Komodo Edit 10
23.02.2017  21:06    <DIR>          Adobe
12.04.2017  09:58    <DIR>          Apple Software Update
17.02.2016  02:08    <DIR>          Application Verifier
19.12.2017  21:03    <DIR>          ATI Technologies
05.11.2017  21:51    <DIR>          Audacity
21.02.2017  11:24    <DIR>          Autodesk
29.03.2017  08:36    <DIR>          Boris FX, Inc
19.06.2017  16:55    <DIR>          BRS
11.02.2018  23:18    <DIR>          Common Files
29.09.2017  14:44               174 desktop.ini
04.12.2017  10:01    <DIR>          Entity Framework Tools
16.02.2016  11:54    <DIR>          foobar2000
21.08.2017  15:06    <DIR>          Foxit Software
26.11.2017  23:08    <DIR>          Geekbench 4
16.02.2016  02:03    <DIR>          Google
29.12.2017  23:27    <DIR>          Hewlett-Packard
17.02.2016  03:01    <DIR>          IIS
04.12.2017  10:11    <DIR>          IIS Express
10.07.2017  11:12    <DIR>          ImgBurn
18.09.2017  21:15    <DIR>          InstallShield Installation Information
16.02.2016  02:08    <DIR>          Intel
22.12.2017  10:08    <DIR>          Internet Explorer
18.10.2017  20:39    <DIR>          JetBrains
17.02.2016  00:21    <DIR>          Microsoft Help Viewer
04.02.2018  14:21    <DIR>          Microsoft Office
19.12.2017  12:43    <DIR>          Microsoft SDKs
15.06.2017  11:29    <DIR>          Microsoft Silverlight
04.12.2017  10:11    <DIR>          Microsoft SQL Server
17.02.2016  00:13    <DIR>          Microsoft SQL Server Compact Edition
12.02.2018  20:27    <DIR>          Microsoft Toolkit Final
04.12.2017  09:59    <DIR>          Microsoft Visual Studio
19.12.2017  11:22    <DIR>          Microsoft Visual Studio 11.0
19.12.2017  11:22    <DIR>          Microsoft Visual Studio 12.0
19.12.2017  12:47    <DIR>          Microsoft Visual Studio 14.0
19.12.2017  12:30    <DIR>          Microsoft Web Tools
19.12.2017  20:52    <DIR>          Microsoft.NET
04.02.2018  21:47    <DIR>          Mozilla Firefox
04.02.2018  21:47    <DIR>          Mozilla Maintenance Service
19.12.2017  20:52    <DIR>          MSBuild
25.06.2016  10:04    <DIR>          MyPhoneExplorer
22.09.2017  21:09    <DIR>          MySQL
13.01.2017  08:55    <DIR>          NapiProjekt
19.12.2017  12:32    <DIR>          NuGet
19.06.2017  16:55    <DIR>          OpenAL
07.04.2017  18:17    <DIR>          QuickTime
19.12.2017  19:43    <DIR>          Reference Assemblies
28.05.2017  11:54    <DIR>          Rockstar Games
18.09.2017  21:14    <DIR>          Samsung
04.07.2016  16:21    <DIR>          Skype
13.02.2018  00:05    <DIR>          Spybot - Search & Destroy 2
11.03.2017  20:38    <DIR>          uTorrent
30.09.2017  15:28    <DIR>          Windows Defender
17.02.2016  02:54    <DIR>          Windows Kits
19.12.2017  19:59    <DIR>          Windows Mail
30.09.2017  15:29    <DIR>          Windows Media Player
29.09.2017  14:46    <DIR>          Windows Multimedia Platform
29.09.2017  14:46    <DIR>          windows nt
30.09.2017  15:28    <DIR>          Windows Photo Viewer
29.09.2017  14:46    <DIR>          Windows Portable Devices
29.09.2017  14:46    <DIR>          Windows Sidebar
29.09.2017  14:46    <DIR>          WindowsPowerShell
11.12.2002  22:11         4˙085˙904 wmfdist.exe
15.04.2003  19:27           793˙536 wmpcdcs8.exe
14.03.2017  10:42    <DIR>          Zero G Registry
               3 File(s)      4˙879˙614 bytes
              64 Dir(s)  29˙150˙617˙600 bytes free

========= Koniec  CMD: =========


========= dir /a "C:\Program Files\Common Files\System" =========

 Volume in drive C has no label.
 Volume Serial Number is DC33-D2C5

 Directory of C:\Program Files\Common Files\System

30.09.2017  15:28    <DIR>          .
30.09.2017  15:28    <DIR>          ..
30.09.2017  15:28    <DIR>          ado
30.09.2017  15:28    <DIR>          en-US
30.09.2017  15:28    <DIR>          msadc
30.09.2017  15:28    <DIR>          ole db
30.09.2017  15:28    <DIR>          pl-PL
29.09.2017  14:41           863˙744 wab32.dll
29.09.2017  14:41           964˙096 wab32res.dll
               2 File(s)      1˙827˙840 bytes
               7 Dir(s)  29˙150˙486˙528 bytes free

========= Koniec  CMD: =========


========= dir /a "C:\Program Files (x86)\Common Files\System" =========

 Volume in drive C has no label.
 Volume Serial Number is DC33-D2C5

 Directory of C:\Program Files (x86)\Common Files\System

30.09.2017  15:28    <DIR>          .
30.09.2017  15:28    <DIR>          ..
30.09.2017  15:28    <DIR>          ado
30.09.2017  15:28    <DIR>          en-US
30.09.2017  15:28    <DIR>          msadc
30.09.2017  15:28    <DIR>          ole db
30.09.2017  15:28    <DIR>          pl-PL
29.09.2017  14:42           748˙032 wab32.dll
29.09.2017  14:42           964˙096 wab32res.dll
               2 File(s)      1˙712˙128 bytes
               7 Dir(s)  29˙150˙486˙528 bytes free

========= Koniec  CMD: =========


========= dir /a C:\ProgramData =========

 Volume in drive C has no label.
 Volume Serial Number is DC33-D2C5

 Directory of C:\ProgramData

13.02.2018  18:36    <DIR>          .
13.02.2018  18:36    <DIR>          ..
31.05.2017  14:34    <DIR>          .mono
23.02.2017  21:06    <DIR>          Adobe
27.01.2018  19:53    <DIR>          Anaconda2
07.04.2017  18:16    <DIR>          Apple
07.04.2017  18:17    <DIR>          Apple Computer
16.02.2016  12:16    <DIR>          Applications
19.12.2017  21:35    <DIR>          ATI
10.03.2017  21:43    <DIR>          Autodesk
20.02.2017  15:08    <DIR>          boost_interprocess
30.05.2017  21:08    <DIR>          CDProjekt RED
23.06.2017  20:33    <DIR>          Codemasters
16.07.2016  12:47    <DIR>          Comms
16.02.2016  11:26    <DIR>          DAEMON Tools Lite
16.02.2016  01:37    <JUNCTION>     Dane aplikacji [C:\ProgramData]
04.12.2017  10:12    <DIR>          dftmp
16.02.2016  01:37    <JUNCTION>     Dokumenty [C:\Users\Public\Documents]
19.06.2017  17:35    <DIR>          DSS
20.02.2016  22:40    <DIR>          EA Core
20.02.2016  22:40    <DIR>          Electronic Arts
21.11.2016  19:50            19˙535 empty.ico
17.02.2017  13:49    <DIR>          ESRI
16.02.2016  15:14    <DIR>          FARO
17.02.2017  14:01    <DIR>          FLEXnet
03.10.2016  21:34    <DIR>          Foxit ContentPlatform
21.08.2017  15:08    <DIR>          Foxit Software
29.03.2017  08:36    <DIR>          FXHOME
15.03.2017  12:52    <DIR>          Git
13.06.2017  14:50    <DIR>          GOG.com
11.05.2016  09:47    <DIR>          HEC
11.02.2018  22:55               438 installer_logfile.log
25.03.2016  20:54    <DIR>          IsolatedStorage
16.02.2016  01:37    <JUNCTION>     Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu]
13.02.2018  00:04    <DIR>          Microsoft
17.02.2016  03:16    <DIR>          Microsoft DNX
26.11.2016  01:10    <DIR>          Microsoft Help
19.12.2017  21:34    <DIR>          Microsoft OneDrive
16.02.2016  13:35               133 Microsoft.SqlServer.Compact.351.64.bc
22.09.2017  21:34    <DIR>          MySQL
11.02.2018  22:56               266 ntuser.pol
15.03.2016  21:09    <DIR>          OO Software
18.01.2018  19:28    <DIR>          Oracle
19.12.2017  21:03    <DIR>          Package Cache
16.02.2016  01:37    <JUNCTION>     Pulpit [C:\Users\Public\Desktop]
04.02.2018  14:23    <DIR>          regid.1991-06.com.microsoft
18.09.2017  21:14    <DIR>          Samsung
04.07.2016  16:21    <DIR>          Skype
29.09.2017  14:46    <DIR>          SoftwareDistribution
13.02.2018  00:04    <DIR>          Spybot - Search & Destroy
16.02.2016  01:37    <JUNCTION>     Szablony [C:\ProgramData\Microsoft\Windows\Templates]
19.12.2017  21:09    <DIR>          USOPrivate
19.12.2017  21:09    <DIR>          USOShared
17.02.2016  00:10    <DIR>          VsTelemetry
17.02.2016  02:08    <DIR>          Windows App Certification Kit
30.09.2017  15:30    <DIR>          WindowsHolographicDevices
               4 File(s)         20˙372 bytes
              52 Dir(s)  29˙150˙478˙336 bytes free

========= Koniec  CMD: =========


========= dir /a C:\Users\pklos\AppData\Local =========

 Volume in drive C has no label.
 Volume Serial Number is DC33-D2C5

 Directory of C:\Users\pklos\AppData\Local

13.02.2018  20:09    <DIR>          .
13.02.2018  20:09    <DIR>          ..
22.04.2017  15:55    <DIR>          .distlib
04.12.2017  10:53    <DIR>          .IdentityService
20.03.2017  23:36    <DIR>          A
19.06.2017  12:09    <DIR>          ActiveState
16.02.2016  01:49    <DIR>          ActiveSync
23.02.2017  08:47    <DIR>          Adobe
13.02.2018  18:24    <DIR>          Akamai
29.02.2016  20:11    <DIR>          AMD
18.10.2017  20:42    <DIR>          Android
07.04.2017  18:16    <DIR>          Apple
20.02.2017  13:35    <DIR>          ArcGISRuntime
06.12.2017  18:42    <DIR>          ASP.NET
20.12.2017  21:23    <DIR>          assembly
19.12.2017  21:02    <DIR>          ATI
05.11.2017  21:51    <DIR>          Audacity
21.02.2017  11:30    <DIR>          Autodesk
26.05.2016  22:33    <DIR>          CEF
11.05.2017  08:32    <DIR>          Chromium
16.02.2016  01:49    <DIR>          Comms
06.01.2018  12:26    <DIR>          conda
19.12.2017  21:33    <DIR>          ConnectedDevicesPlatform
28.01.2018  14:02    <DIR>          CrashDumps
29.03.2017  08:39    <DIR>          Crashpad
19.12.2017  21:04    <JUNCTION>     Dane aplikacji [C:\Users\pklos\AppData\Local]
20.12.2017  17:31    <DIR>          DBG
30.12.2016  20:57    <DIR>          Diagnostics
16.02.2016  11:28    <DIR>          Disc_Soft_Ltd
18.09.2017  20:53    <DIR>          Downloaded Installations
04.02.2018  15:51    <DIR>          Eclipse
22.02.2017  18:21    <DIR>          ESRI
17.02.2017  14:15    <DIR>          ESRI_Licensing
12.10.2017  15:08    <DIR>          FileZilla
22.02.2016  23:35    <DIR>          FluxSoftware
28.03.2016  21:30    <DIR>          fontconfig
03.10.2016  21:31    <DIR>          Foxit Reader
29.03.2017  08:39    <DIR>          FXHOME
29.03.2017  08:39    <DIR>          FXHOME Helper
28.03.2016  21:30    <DIR>          gegl-0.2
30.05.2017  20:49    <DIR>          GOG.com
30.10.2016  19:35    <DIR>          Google
09.12.2017  11:37    <DIR>          gtk-2.0
23.11.2016  21:57    <DIR>          HEC
19.12.2017  21:04    <JUNCTION>     Historia [C:\Users\pklos\AppData\Local\Microsoft\Windows\History]
29.03.2017  08:39    <DIR>          HitFilm 4 Express Activation
23.11.2016  22:04    <DIR>          Hydrologic_Engineering_Ce
13.02.2018  18:37         6˙291˙456 IconCache.db
10.03.2017  21:43    <DIR>          IsolatedStorage
19.12.2017  21:31    <DIR>          Microsoft
16.02.2016  11:35    <DIR>          Microsoft Help
23.02.2016  11:35    <DIR>          MicrosoftEdge
27.12.2016  21:23    <DIR>          Mozilla
26.11.2016  01:24    <DIR>          mpress
16.02.2016  14:48    <DIR>          NetworkTiles
11.12.2017  21:04    <DIR>          NFS Underground 2
06.12.2017  18:45    <DIR>          NuGet
15.03.2016  21:10    <DIR>          O&O
13.09.2016  08:47    <DIR>          Ohdsics
23.12.2017  18:01    <DIR>          Opera Software
22.04.2017  15:53    <DIR>          Package Cache
19.01.2018  20:24    <DIR>          Packages
17.10.2017  21:24    <DIR>          pip
07.08.2016  10:40    <DIR>          Programs
16.02.2016  01:48    <DIR>          Publishers
28.04.2017  21:47    <DIR>          Python Tools
09.12.2017  11:37             2˙567 recently-used.xbel
12.01.2017  11:46             7˙589 Resmon.ResmonCfg
18.09.2017  21:17    <DIR>          Samsung
03.12.2017  23:05    <DIR>          ServiceHub
16.02.2016  16:27    <DIR>          Skyrim
29.12.2017  19:27    <DIR>          SquirrelTemp
13.02.2018  20:09    <DIR>          Temp
19.12.2017  21:04    <JUNCTION>     Temporary Internet Files [C:\Users\pklos\AppData\Local\Microsoft\Windows\INetCache]
20.02.2017  15:06    <DIR>          Tempzxpsign059fa9d47b0a7766
20.02.2017  15:07    <DIR>          Tempzxpsign10bee8b97c8a5824
22.02.2017  13:59    <DIR>          Tempzxpsign21c3707acb41102e
22.02.2017  13:59    <DIR>          Tempzxpsign43163c2e455118b0
22.02.2017  14:00    <DIR>          Tempzxpsign696447ac347c8203
22.02.2017  13:59    <DIR>          Tempzxpsign74c33438d1a29e98
20.02.2017  15:06    <DIR>          Tempzxpsignbfa79cac7d47e262
20.02.2017  15:08    <DIR>          Tempzxpsignbff5f447aca83f0e
17.07.2017  17:35    <DIR>          TIDAL
19.12.2017  21:32    <DIR>          TileDataLayer
11.02.2018  22:55            32˙038 uninstall_temp.ico
09.07.2017  18:08    <DIR>          UNP
22.06.2017  12:53    <DIR>          VirtualStore
19.12.2017  12:44    <DIR>          VSIXInstaller
29.12.2017  19:27    <DIR>          WhatsApp
               4 File(s)      6˙333˙650 bytes
              85 Dir(s)  29˙150˙457˙856 bytes free

========= Koniec  CMD: =========


========= dir /a C:\Users\pklos\AppData\LocalLow =========

 Volume in drive C has no label.
 Volume Serial Number is DC33-D2C5

 Directory of C:\Users\pklos\AppData\LocalLow

11.02.2018  23:16    <DIR>          .
11.02.2018  23:16    <DIR>          ..
03.10.2016  21:37    <DIR>          Adobe
07.04.2017  18:16    <DIR>          Apple Computer
30.05.2017  21:07    <DIR>          CDProjektRED
17.02.2016  03:24    <DIR>          Microsoft
13.02.2018  19:54    <DIR>          Mozilla
30.04.2016  12:13    <DIR>          Oracle
30.04.2016  12:14    <DIR>          Sun
17.02.2016  19:51    <DIR>          Temp
               0 File(s)              0 bytes
              10 Dir(s)  29˙150˙461˙952 bytes free

========= Koniec  CMD: =========


========= dir /a C:\Users\pklos\AppData\Roaming =========

 Volume in drive C has no label.
 Volume Serial Number is DC33-D2C5

 Directory of C:\Users\pklos\AppData\Roaming

13.02.2018  18:36    <DIR>          .
13.02.2018  18:36    <DIR>          ..
30.05.2017  21:08    <DIR>          .mono
19.06.2017  12:09    <DIR>          ActiveState
23.02.2017  21:05    <DIR>          Adobe
08.04.2017  08:59    <DIR>          Apple Computer
19.12.2017  21:02    <DIR>          ATI
10.11.2017  14:49    <DIR>          audacity
21.02.2017  11:31    <DIR>          Autodesk
28.01.2018  14:02    <DIR>          DAEMON Tools Lite
16.02.2017  11:28    <DIR>          Eclipse
07.04.2017  17:33    <DIR>          ESRI
28.01.2018  14:02    <DIR>          FileZilla
04.02.2018  19:49    <DIR>          foobar2000
20.04.2016  09:36    <DIR>          Foxit Software
28.04.2017  07:44    <DIR>          Google
11.05.2016  13:10    <DIR>          HEC
31.12.2017  00:36             1˙752 HP10bII+State.bin
10.07.2017  11:37    <DIR>          ImgBurn
28.01.2018  14:02    <DIR>          inkscape
23.06.2016  21:14    <DIR>          INTERsoft
13.01.2018  13:28    <DIR>          java
11.04.2017  21:43    <DIR>          JetBrains
08.01.2018  22:42    <DIR>          jupyter
09.04.2017  12:35    <DIR>          Leadertech
08.04.2016  13:43    <DIR>          Macromedia
19.12.2017  21:20    <DIR>          Microsoft
25.04.2017  15:23    <DIR>          Microsoft FxCop
18.11.2017  22:28    <DIR>          Mozilla
28.01.2018  14:02    <DIR>          MPC-HC
08.11.2017  21:13    <DIR>          MyPhoneExplorer
22.09.2017  20:14    <DIR>          MySQL
13.01.2017  08:56    <DIR>          NapiProjekt
12.02.2018  22:05    <DIR>          npm
04.12.2017  10:58    <DIR>          npm-cache
04.12.2017  10:57    <DIR>          NuGet
23.12.2017  18:01    <DIR>          Opera Software
23.04.2017  14:58    <DIR>          Oracle
22.02.2017  13:59    <DIR>          PDAppFlex
29.12.2016  14:06    <DIR>          renault
18.09.2017  21:17    <DIR>          Samsung
08.05.2017  19:38    <DIR>          Scene Builder
11.12.2016  14:32    <DIR>          Scilab
29.12.2017  19:27    <DIR>          Skype
30.04.2016  12:14    <DIR>          Sun
16.07.2017  19:30    <DIR>          TIDAL
10.07.2017  12:06    <DIR>          TS3Client
28.01.2018  14:02    <DIR>          uTorrent
04.12.2017  10:24    <DIR>          Visual Studio Setup
03.12.2017  23:05    <DIR>          vstelemetry
16.02.2016  20:30    <DIR>          Wargaming.net
29.12.2017  19:30    <DIR>          WhatsApp
               1 File(s)          1˙752 bytes
              51 Dir(s)  29˙150˙527˙488 bytes free

========= Koniec  CMD: =========

C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono
Hosts pomyślnie przywrócono.

========= wevtutil el | Foreach-Object {wevtutil cl "$_"} =========


========= Koniec  Powershell: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63870732 B
Java, Flash, Steam htmlcache => 1477 B
Windows/system/drivers => 2772874 B
Edge => 0 B
Chrome => 86440816 B
Firefox => 401487783 B
Opera => 63237787 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3264 B
NetworkService => 65446 B
pklos => 81357090 B

RecycleBin => 16145932 B
EmptyTemp: => 690 MB danych tymczasowych Usunięto.

================================

Rezultat przenoszenia plików przy restarcie (Tryb startu: Normal) (Data i godzina: 13-02-2018 20:13:49)


Rezultat usuwania kluczy przy restarcie:

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27D13405-9702-4343-A295-DC4497BCFA05}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27D13405-9702-4343-A295-DC4497BCFA05}" => pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => klucz pomyślnie usunięto

==== Koniec  Fixlog 20:13:49 ====