Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 21.07.2018 Uruchomiony przez y (27-07-2018 15:06:27) Run:1 Uruchomiony z C:\Users\y\Desktop\Nowy folder Załadowane profile: y & Gość (Dostępne profile: y & Gość) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Most Wanted PL\NFS Most Wanted - Spolszczenie.lnk C:\Users\y\Documents\Euro Truck Simulator 2\readme.rtf.lnk C:\Users\y\Documents\American Truck Simulator\readme.rtf.lnk C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd\FACEIT.lnk C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Nox\Nox.lnk C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Nox\Nox_unload.lnk C:\Users\y\AppData\Local\Microsoft\Windows\GameExplorer\{458044EE-527F-489C-ADF8-DD180A10B700}\PlayTasks\0\Zagraj.lnk ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku Task: {24BD8404-C660-44E1-8D79-11D8C5F2011B} - System32\Tasks\UEznpHBkc3To => ueznphbkc3to.exe <==== UWAGA Task: {32B8361E-B3A4-4B26-86F7-38189F272223} - \F3E72C08-821E-7ECC-1814-27797268B9AA -> Brak pliku <==== UWAGA Task: {BD0C867A-19D5-423D-9E08-1E263377881D} - System32\Tasks\timeandnewsnettorz => C:\Program Files\Opera\Launcher.exe Task: {D4F7E4AE-F4E7-4CE0-B846-0FAC08150242} - System32\Tasks\{73EC5C7E-0062-4AC0-B03F-37BB37CE0982} => C:\Windows\system32\pcalua.exe -a C:\Users\y\Desktop\hgoy\Gothic2_PlayerKit-2.6f.exe -d C:\Users\y\Desktop\hgoy Task: {D0DFA0CB-D199-412B-8F59-A3DF0B6F58A9} - System32\Tasks\geektonete5a => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" geekto.net/e5a <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-12500877-75935106-1869366309-1000\...\MountPoints2: {1a13ba35-8e36-11e7-be76-0021851c1889} - F:\Autorun.exe HKU\S-1-5-21-12500877-75935106-1869366309-1000\...\MountPoints2: {fe1ba20b-9d36-11e7-82d5-0021851c1889} - H:\Autorun.exe HKU\S-1-5-21-12500877-75935106-1869366309-1000\...\MountPoints2: {2365d9f3-9463-11e7-868c-0021851c1889} - G:\Setup.exe HKU\S-1-5-21-12500877-75935106-1869366309-1000\...\MountPoints2: {e0ba16ff-3659-11e8-bffa-0021851c1889} - G:\setup.exe HKU\S-1-5-21-12500877-75935106-1869366309-1000\...\MountPoints2: {4fc0677c-5a8a-11e8-b894-0021851c1889} - E:\stp-fm2017.exe HKU\S-1-5-21-12500877-75935106-1869366309-1000\...\MountPoints2: {814195b2-12e2-11e8-986d-0021851c1889} - E:\stp-fm2017.exe HKU\S-1-5-21-12500877-75935106-1869366309-1000\...\MountPoints2: {fbfea845-1231-11e8-b916-0021851c1889} - E:\stp-fm2017.exe HKU\S-1-5-21-12500877-75935106-1869366309-1000\...\MountPoints2: E - E:\Setup.exe ShortcutTarget: Facebook Messenger.lnk -> C:\Users\y\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Brak pliku) GroupPolicy: Ograniczenia - Windows Defender <==== UWAGA GroupPolicy\User: Ograniczenia ? <==== UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA HKU\S-1-5-21-12500877-75935106-1869366309-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ4PGB-3qSBIU3esZ3pkOyjK_hR8dO_DSqhMgRFFBElU88NyFAW66aeYhfT3BUx96qXMKa2ovhUVblfm6AiNPOBSj8Nh7C2MoJVnPR9uP9l1AF0otnbPfNoIoPHYrS8MkSwhyYcfVlMNfuMRlI8DlKnGmJdww,,&q={searchTerms} HKU\S-1-5-21-12500877-75935106-1869366309-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ4PGB-3qSBIU3esZ3pkOyjK_hR8dO_DSqhMgRFFBElU88NyFAW66aeYhfT3BUx96qXMKa2ovhUVblfm6AiNPOBSj8Nh7C2MoJVnPR9uP9l1AF0otnbPfNoIoPHYrS8MkSwhyYcfVlMNfuMRlI8DlKnGmJdww,,&q={searchTerms} HKU\S-1-5-21-12500877-75935106-1869366309-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ4PGB-3qSBIU3esZ3pkOyjK_hR8dO_DSqhMgRFFBElU88NyFAW66aeYhfT3BUx96qXMKa2ovhUVblfm6AiNPOBSj8Nh7C2MoJVnPR9uP9l1AF0otnbPfNoIoPHYrS8MkSwhyYcfVlMNfuMRlI8DlKnGmJdww,,&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope - brak wartości 2018-07-26 22:39 - 2018-07-26 22:40 - 007417040 _____ (Malwarebytes) C:\Users\y\Downloads\adwcleaner_7.2.2_www.INSTALKI.pl.exe 2017-09-27 22:43 - 2017-09-27 22:43 - 007327744 _____ () C:\Users\y\AppData\Local\agent.dat 2017-09-27 22:43 - 2017-09-27 22:43 - 000070800 _____ () C:\Users\y\AppData\Local\Config.xml 2017-09-27 22:42 - 2017-09-27 22:42 - 000140800 _____ () C:\Users\y\AppData\Local\installer.dat 2017-09-27 22:43 - 2017-09-27 22:43 - 000005568 _____ () C:\Users\y\AppData\Local\md.xml 2017-09-27 22:43 - 2017-09-27 22:43 - 000126464 _____ () C:\Users\y\AppData\Local\noah.dat 2017-09-27 22:43 - 2017-09-27 22:43 - 001899389 _____ () C:\Users\y\AppData\Local\Techfan.tst 2017-09-27 22:43 - 2017-09-27 22:43 - 000032038 _____ () C:\Users\y\AppData\Local\uninstall_temp.ico CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx DeleteKey: HKCU\Software\Mozilla DeleteKey: HKCU\Software\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Mozilla DeleteKey: HKLM\SOFTWARE\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla DeleteKey: HKLM\SOFTWARE\Wow6432Node\mozilla.org DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins C:\Users\y\AppData\Local\Mozilla C:\Users\y\AppData\Roaming\Mozilla C:\Users\y\AppData\Roaming\Profiles CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a "C:\Program Files\Common Files" CMD: dir /a "C:\Program Files (x86)\Common Files" CMD: dir /a "C:\Program Files\Common Files\System" CMD: dir /a "C:\Program Files (x86)\Common Files\System" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\y\AppData\Local CMD: dir /a C:\Users\y\AppData\LocalLow CMD: dir /a C:\Users\y\AppData\Roaming Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Most Wanted PL\NFS Most Wanted - Spolszczenie.lnk => pomyślnie przeniesiono C:\Users\y\Documents\Euro Truck Simulator 2\readme.rtf.lnk => pomyślnie przeniesiono C:\Users\y\Documents\American Truck Simulator\readme.rtf.lnk => pomyślnie przeniesiono C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk => pomyślnie przeniesiono C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd\FACEIT.lnk => pomyślnie przeniesiono C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Nox\Nox.lnk => pomyślnie przeniesiono C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Nox\Nox_unload.lnk => pomyślnie przeniesiono C:\Users\y\AppData\Local\Microsoft\Windows\GameExplorer\{458044EE-527F-489C-ADF8-DD180A10B700}\PlayTasks\0\Zagraj.lnk => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => nie znaleziono "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => nie znaleziono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24BD8404-C660-44E1-8D79-11D8C5F2011B}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24BD8404-C660-44E1-8D79-11D8C5F2011B}" => pomyślnie usunięto C:\Windows\System32\Tasks\UEznpHBkc3To => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UEznpHBkc3To" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{32B8361E-B3A4-4B26-86F7-38189F272223}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32B8361E-B3A4-4B26-86F7-38189F272223}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\F3E72C08-821E-7ECC-1814-27797268B9AA" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD0C867A-19D5-423D-9E08-1E263377881D}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD0C867A-19D5-423D-9E08-1E263377881D}" => pomyślnie usunięto C:\Windows\System32\Tasks\timeandnewsnettorz => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\timeandnewsnettorz" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4F7E4AE-F4E7-4CE0-B846-0FAC08150242}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4F7E4AE-F4E7-4CE0-B846-0FAC08150242}" => pomyślnie usunięto C:\Windows\System32\Tasks\{73EC5C7E-0062-4AC0-B03F-37BB37CE0982} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{73EC5C7E-0062-4AC0-B03F-37BB37CE0982}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0DFA0CB-D199-412B-8F59-A3DF0B6F58A9}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0DFA0CB-D199-412B-8F59-A3DF0B6F58A9}" => pomyślnie usunięto C:\Windows\System32\Tasks\geektonete5a => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\geektonete5a" => pomyślnie usunięto "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => pomyślnie usunięto "HKU\S-1-5-21-12500877-75935106-1869366309-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a13ba35-8e36-11e7-be76-0021851c1889}" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{1a13ba35-8e36-11e7-be76-0021851c1889} => nie znaleziono "HKU\S-1-5-21-12500877-75935106-1869366309-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fe1ba20b-9d36-11e7-82d5-0021851c1889}" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{fe1ba20b-9d36-11e7-82d5-0021851c1889} => nie znaleziono "HKU\S-1-5-21-12500877-75935106-1869366309-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2365d9f3-9463-11e7-868c-0021851c1889}" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{2365d9f3-9463-11e7-868c-0021851c1889} => nie znaleziono "HKU\S-1-5-21-12500877-75935106-1869366309-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e0ba16ff-3659-11e8-bffa-0021851c1889}" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{e0ba16ff-3659-11e8-bffa-0021851c1889} => nie znaleziono "HKU\S-1-5-21-12500877-75935106-1869366309-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4fc0677c-5a8a-11e8-b894-0021851c1889}" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{4fc0677c-5a8a-11e8-b894-0021851c1889} => nie znaleziono "HKU\S-1-5-21-12500877-75935106-1869366309-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{814195b2-12e2-11e8-986d-0021851c1889}" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{814195b2-12e2-11e8-986d-0021851c1889} => nie znaleziono "HKU\S-1-5-21-12500877-75935106-1869366309-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fbfea845-1231-11e8-b916-0021851c1889}" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{fbfea845-1231-11e8-b916-0021851c1889} => nie znaleziono "HKU\S-1-5-21-12500877-75935106-1869366309-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => pomyślnie usunięto "C:\Users\y\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe" => nie znaleziono C:\Windows\system32\GroupPolicy\Machine => pomyślnie przeniesiono C:\Windows\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono C:\Windows\system32\GroupPolicy\User => pomyślnie przeniesiono "HKLM\SOFTWARE\Policies\Google" => pomyślnie usunięto "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => pomyślnie usunięto HKU\S-1-5-21-12500877-75935106-1869366309-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono "HKU\S-1-5-21-12500877-75935106-1869366309-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar" => pomyślnie usunięto "HKU\S-1-5-21-12500877-75935106-1869366309-1000\Software\Microsoft\Internet Explorer\Main\\SearchAssistant" => pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono C:\Users\y\Downloads\adwcleaner_7.2.2_www.INSTALKI.pl.exe => pomyślnie przeniesiono C:\Users\y\AppData\Local\agent.dat => pomyślnie przeniesiono C:\Users\y\AppData\Local\Config.xml => pomyślnie przeniesiono C:\Users\y\AppData\Local\installer.dat => pomyślnie przeniesiono C:\Users\y\AppData\Local\md.xml => pomyślnie przeniesiono C:\Users\y\AppData\Local\noah.dat => pomyślnie przeniesiono C:\Users\y\AppData\Local\Techfan.tst => pomyślnie przeniesiono C:\Users\y\AppData\Local\uninstall_temp.ico => pomyślnie przeniesiono "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nladljmabboanhihfkjacnnkgjhnokhj" => pomyślnie usunięto HKCU\Software\Mozilla => nie znaleziono "HKCU\Software\MozillaPlugins" => pomyślnie usunięto "HKLM\SOFTWARE\Mozilla" => pomyślnie usunięto "HKLM\SOFTWARE\MozillaPlugins" => pomyślnie usunięto "HKLM\SOFTWARE\Wow6432Node\Mozilla" => pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\mozilla.org => nie znaleziono "HKLM\SOFTWARE\Wow6432Node\MozillaPlugins" => pomyślnie usunięto "C:\Users\y\AppData\Local\Mozilla" => nie znaleziono "C:\Users\y\AppData\Roaming\Mozilla" => nie znaleziono "C:\Users\y\AppData\Roaming\Profiles" => nie znaleziono ========= dir /a "C:\Program Files" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 8C2B-A2FE Katalog: C:\Program Files 2018-07-26 23:10 . 2018-07-26 23:10 .. 2018-02-21 18:55 AMD 2018-07-26 20:04 AVG 2017-12-14 17:15 CCleaner 2018-07-26 20:06 Common Files 2009-07-14 06:54 174 desktop.ini 2011-04-12 15:21 DVD Maker 2017-12-29 19:26 Epic Games 2018-07-13 14:05 Internet Explorer 2018-07-22 13:32 Java 2009-07-14 07:32 Microsoft Games 2009-07-14 07:32 MSBuild 2017-09-01 12:35 NVIDIA Corporation 2018-07-26 20:23 Opera 2017-11-15 21:45 PuTTY 2009-07-14 07:32 Reference Assemblies 2018-06-12 14:46 TeamSpeak 3 Client 2018-06-29 17:19 TruckersMP Launcher 2018-05-26 19:11 TxGameAssistant 2016-01-18 10:29 Windows Defender 2011-04-12 15:21 Windows Mail 2017-11-16 23:32 Windows Media Player 2017-08-08 14:25 Windows NT 2011-04-12 15:21 Windows Photo Viewer 2010-11-21 05:31 Windows Portable Devices 2011-04-12 15:21 Windows Sidebar 2018-07-02 15:42 WinRAR 1 plik(˘w) 174 bajt˘w 27 katalog(˘w) 34˙381˙373˙440 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 8C2B-A2FE Katalog: C:\Program Files (x86) 2018-07-26 23:13 . 2018-07-26 23:13 .. 2017-11-10 14:51 AMD 2017-11-10 15:19 AVG 2018-07-26 23:13 Common Files 2009-07-14 06:54 174 desktop.ini 2017-11-10 14:51 dx 2017-09-30 09:43 Google 2017-11-05 17:37 InstallShield Installation Information 2018-07-13 14:05 Internet Explorer 2018-07-23 21:10 LogMeIn Hamachi 2016-01-22 18:26 Microsoft.NET 2009-07-14 07:32 MSBuild 2018-06-12 01:09 Nox 2017-08-30 20:22 NVIDIA Corporation 2018-02-21 18:56 Raptr 2009-07-14 07:32 Reference Assemblies 2018-02-24 22:53 SafeIP 2018-01-21 19:55 SHU 2018-07-27 15:01 Steam 2018-02-16 09:08 uTorrent 2016-01-18 10:29 Windows Defender 2011-04-12 15:21 Windows Mail 2017-11-16 23:32 Windows Media Player 2009-07-14 07:32 Windows NT 2011-04-12 15:21 Windows Photo Viewer 2010-11-21 05:31 Windows Portable Devices 2011-04-12 15:21 Windows Sidebar 2018-07-03 15:17 WinRAR 1 plik(˘w) 174 bajt˘w 28 katalog(˘w) 34˙381˙373˙440 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a "C:\Program Files\Common Files" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 8C2B-A2FE Katalog: C:\Program Files\Common Files 2018-07-26 20:06 . 2018-07-26 20:06 .. 2017-11-10 14:51 ATI Technologies 2018-04-11 17:22 AVAST Software 2018-07-26 20:06 AVG 2017-11-10 14:51 Microsoft Shared 2009-07-14 05:20 Services 2009-07-14 05:20 SpeechEngines 2016-01-18 10:21 System 0 plik(˘w) 0 bajt˘w 9 katalog(˘w) 34˙381˙373˙440 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a "C:\Program Files (x86)\Common Files" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 8C2B-A2FE Katalog: C:\Program Files (x86)\Common Files 2018-07-26 23:13 . 2018-07-26 23:13 .. 2017-12-30 18:04 ATI Technologies 2017-12-29 17:45 BattlEye 2017-09-30 15:17 InstallShield 2018-07-22 13:31 Java 2017-11-10 14:51 microsoft shared 2018-07-22 13:32 Oracle 2009-07-14 05:20 Services 2009-07-14 05:20 SpeechEngines 2018-07-26 15:05 Steam 2016-01-18 10:21 System 2017-11-06 23:10 Trustzimdex 2017-09-28 16:12 Wise Installation Wizard 0 plik(˘w) 0 bajt˘w 14 katalog(˘w) 34˙381˙369˙344 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a "C:\Program Files\Common Files\System" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 8C2B-A2FE Katalog: C:\Program Files\Common Files\System 2016-01-18 10:21 . 2016-01-18 10:21 .. 2018-04-14 22:37 ado 2009-07-14 03:40 29˙184 DirectDB.dll 2011-04-12 15:21 en-US 2018-04-14 22:37 msadc 2016-01-18 10:20 Ole DB 2011-04-12 15:21 pl-PL 2016-01-18 10:21 886˙784 wab32.dll 2009-07-14 03:33 1˙098˙752 wab32res.dll 3 plik(˘w) 2˙014˙720 bajt˘w 7 katalog(˘w) 34˙381˙373˙440 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a "C:\Program Files (x86)\Common Files\System" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 8C2B-A2FE Katalog: C:\Program Files (x86)\Common Files\System 2016-01-18 10:21 . 2016-01-18 10:21 .. 2018-04-14 22:37 ado 2009-07-14 03:15 24˙064 DirectDB.dll 2011-04-12 15:21 en-US 2018-04-14 22:37 msadc 2017-11-11 13:14 Ole DB 2011-04-12 15:21 pl-PL 2016-01-18 10:21 708˙608 wab32.dll 2009-07-14 03:11 1˙098˙752 wab32res.dll 3 plik(˘w) 1˙831˙424 bajt˘w 7 katalog(˘w) 34˙381˙369˙344 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a C:\ProgramData ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 8C2B-A2FE Katalog: C:\ProgramData 2018-07-26 23:13 . 2018-07-26 23:13 .. 2017-09-15 09:13 .mono 2009-07-14 07:08 Application Data [C:\ProgramData] 2017-11-10 14:58 ATI 2018-04-11 19:20 AVAST Software 2018-07-26 23:10 Avg 2017-10-03 21:19 Common Files 2017-08-31 14:41 DAEMON Tools Lite 2017-08-08 14:25 Dane aplikacji [C:\ProgramData] 2009-07-14 07:08 Desktop [C:\Users\Public\Desktop] 2009-07-14 07:08 Documents [C:\Users\Public\Documents] 2017-08-08 14:25 Dokumenty [C:\Users\Public\Documents] 2017-09-25 18:35 Electronic Arts 2009-07-14 07:08 Favorites [C:\Users\Public\Favorites] 2017-09-08 13:31 Football Manager 2017 2017-10-12 18:23 Football Manager 2017 Editor 2018-02-24 22:43 FreeHideIP 2018-03-29 00:49 GOG.com 2017-11-05 17:37 Hi-Rez Studios 2017-09-07 13:10 KONAMI 2018-07-23 21:11 LogMeIn 2018-07-26 23:13 McAfee 2017-08-08 14:25 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 2018-02-15 19:50 Microsoft 2017-12-14 15:27 266 ntuser.pol 2017-09-01 12:33 NVIDIA 2017-08-30 20:21 NVIDIA Corporation 2018-02-20 21:00 Oracle 2017-10-04 14:09 Origin 2018-04-28 08:00 Package Cache 2017-08-08 14:25 Pulpit [C:\Users\Public\Desktop] 2017-08-27 22:12 Riot Games 2009-07-14 07:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2017-09-07 13:10 Steam 2017-08-08 14:25 Szablony [C:\ProgramData\Microsoft\Windows\Templates] 2009-07-14 07:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2018-07-26 23:13 Tencent 2018-05-17 18:25 Twitch 2017-08-08 14:25 Ulubione [C:\Users\Public\Favorites] 2017-10-14 14:56 Undefined game 2017-12-23 11:38 {007380A1-B7D8-370A-9D00-A7B83DA8FC22} 2017-12-29 11:41 {010F3D46-B6A4-8AED-D53D-1F6A09C35E7F} 2018-01-16 15:11 {06D2155B-B179-A2F0-8EB7-73602F952332} 2018-01-07 15:18 {07063DE6-B0AD-8A4D-286F-2FE39E3699FF} 2017-12-23 12:24 {07F0E7FE-B05B-5055-E606-AF39707AE836} 2017-12-23 11:40 {0C4BC6E2-BBE0-7149-0F1F-791DCCCA37DB} 2018-01-07 02:37 {0F49AC57-B8E2-1BFC-E677-B7374F0C2E5B} 2018-01-07 02:23 {1226004B-A58D-B7E0-2271-2C8435A27295} 2017-11-02 22:23 {173F7B2A-A094-CC81-C411-7E4C9CD159B3} 2017-12-29 11:48 {1A2FF357-AD84-44FC-4069-B4C1089A3EDF} 2017-12-23 18:32 {1A919E20-AD3A-298B-E080-5C585F101D4F} 2017-12-23 11:43 {23542CBC-94FF-9B17-2FFC-5DDC93512B52} 2017-12-29 11:42 {26C83A3B-9163-8D90-6416-AEACD8DF23D7} 2018-01-07 02:43 {27AFBA26-9004-0D8D-9B39-27064B09DC0F} 2018-01-06 02:16 {294B9A8C-9EE0-2D27-6FF7-B290E3782E27} 2017-12-23 01:10 {29515808-9EFA-EFA3-2CDA-5DB9D986D7CC} 2018-01-07 02:31 {2ABB7A3A-9D10-CD91-C759-BC57D4FD1D7A} 2017-12-22 23:54 {2B62E000-9CC9-57AB-798E-7AC4E22A8AA7} 2017-12-23 11:37 {30DEC570-8775-72DB-CBC2-1C35B6D231F9} 2018-01-07 02:30 {3831AF70-8F9A-18DB-2B1D-323A8871C109} 2017-12-23 11:43 {3857C1C1-8FFC-766A-6F64-F871F7FFD27B} 2017-12-29 11:46 {3C7D6F41-8BD6-D8EA-9DD9-51CB1C0CD9F9} 2018-01-07 15:12 {3D9148A6-8A3A-FF0D-3DC2-27FDE066D971} 2017-12-23 12:23 {3DDE04CC-8A75-B367-E0EF-E7619C5B5498} 2017-12-29 11:44 {4058D26C-F7F3-65C7-BAC5-ED8CD040A9C2} 2017-12-23 12:22 {405BA160-F7F0-16CB-65CB-DFB55AE2FB71} 2018-01-07 02:44 {411F4354-F6B4-F4FF-0D0A-C7BD4EB94B45} 2017-12-23 11:43 {451DD37D-F2B6-64D6-23C8-40925D8CE25E} 2017-12-23 12:24 {478E61E3-F025-D648-FE88-7B80F4265C52} 2017-12-22 23:53 {4815B3E1-FFBE-044A-23C8-9D89C10BF1C9} 2018-01-06 02:11 {4944D55A-FEEF-62F1-26F5-94DC61B21DD8} 2017-12-29 11:48 {4AEB2A92-FD40-9D39-1585-BCE283A5E7CC} 2017-12-29 11:50 {4B12AF8B-FCB9-1820-8118-233333B53836} 2017-12-29 11:51 {4D81B7B6-FA2A-001D-6C60-D7B9CABB2826} 2017-12-29 11:45 {52EA59B8-E541-EE13-3DA1-052698DA9DA6} 2017-12-22 23:54 {5385B93C-E42E-0E97-B8D2-4115CD27B562} 2017-12-23 11:38 {53D34637-E478-F19C-3628-FF6BF49CC6F5} 2018-01-07 15:02 {560ED37A-E1A5-64D1-6E7A-204801A7E281} 2018-01-07 02:44 {5AFD5F86-ED56-E82D-FE9A-8943062F7CD6} 2018-01-07 15:32 {5E49E15E-E9E2-56F5-4250-091D28AACB70} 2017-12-23 11:43 {5EA0F126-E90B-468D-8827-B69286BBCB15} 2018-01-07 21:43 {66C52EC6-D16E-996D-9C28-515D2BAC83A2} 2017-12-23 12:24 {6C1CF3B3-DBB7-4418-3B89-7D1FF0557767} 2018-01-07 15:04 {6F80631A-D82B-D4B1-23E1-2FFF4C54559F} 2017-12-29 11:47 {74659670-C3CE-21DB-8CB1-6C95B3AE24F0} 2017-12-22 23:54 {74A53CE9-C30E-8B42-3058-8CE0802AA541} 2017-12-23 11:38 {754E6FD6-C2E5-D87D-41B5-4369A027A3CA} 2017-12-23 12:22 {797C4881-CED7-FF2A-4E32-B73ADED7B8BA} 2018-01-07 15:11 {79A6730A-CE0D-C4A1-F97B-036C49B0B969} 2017-12-23 11:40 {7C6E8457-CBC5-33FC-568C-F18C5E712F6E} 2018-01-07 15:10 {7D709266-CADB-25CD-48E2-10A3EDA55B6F} 2017-12-29 11:49 {7DC01678-CA6B-A1D3-EA20-21E2FBDF18B6} 2017-12-23 11:43 {82D2E037-3579-579C-7B14-BA80785A79E7} 2017-12-29 11:47 {8761E755-30CA-50FE-88E8-6CF1123909D7} 2018-01-06 02:10 {880A5C95-3FA1-EB3E-0334-07FAF52CC0E6} 2017-12-23 11:35 {88E10750-3F4A-B0FB-8B1C-A6AEAE361431} 2017-11-02 22:23 {94CE2754-2365-90FF-668A-FB67ED7AD8AE} 2017-12-23 11:43 {950FDE1C-22A4-69B7-3924-EA02F0B6732B} 2017-12-23 11:40 {97D63B61-207D-8CCA-D834-EBD1A0803F8B} 2018-01-06 02:10 {98E2B26F-2F49-05C4-B164-CF1AE323E5B1} 2018-01-07 02:57 {996F0CB3-2EC4-BB18-5993-734DA2D2CF90} 2017-11-02 22:22 {9E2F7960-2984-CECB-8C4F-21A99B09CC02} 2017-12-23 11:46 {A010206C-17BB-97C7-49A8-0945236A6E80} 2017-12-23 11:42 {A54EC597-12E5-723C-891F-1A81B58207BB} 2017-12-23 01:10 {A5ED05A0-1246-B20B-B16D-A0F9F6DC63FA} 2017-12-23 18:31 {A776C661-10DD-71CA-3A3D-04FEA3174D17} 2017-12-23 12:24 {A80ED938-1FA5-6E93-2F25-789627E8FCC1} 2017-12-23 11:38 {AB348894-1C9F-3F3F-6AEC-FDE4BF67D201} 2017-12-29 11:45 {AFE78BC9-184C-3C62-C357-A7626FC933B6} 2017-12-23 11:36 {BB55F58F-0CFE-4224-FAF3-5F44EEBCA7B7} 2017-12-23 11:38 {BE3093FA-099B-2451-122A-23AC16E6CF3E} 2018-01-07 15:13 {BE31EC55-099A-5BFE-0D67-0C58D25A4355} 2018-01-07 15:19 {BF208029-088B-3782-003F-8C7A8CC4A4AE} 2017-12-23 12:23 {C114C5F9-76BF-7252-95F4-EF3D597265D0} 2017-12-23 12:24 {C5D1E72D-727A-5086-313F-C2326828E84A} 2017-12-23 11:41 {CFE18409-784A-33A2-B5AE-1FA0B5EB0979} 2017-12-23 11:37 {D426EF06-638D-58AD-B655-EB7A2ED08A48} 2017-12-29 11:41 {D76AF002-60C1-47A9-D89C-9BA18153BAB6} 2017-12-29 11:43 {D91029B9-6EBB-9E12-E8A0-FE0B35362F3F} 2017-12-23 11:43 {DA089DD9-6DA3-2A72-FEB4-8E3CBEEF55DE} 2017-12-23 12:22 {DA176ED4-6DBC-D97F-024E-8DACA0B55A15} 2017-12-23 12:24 {DCFABAB8-6B51-0D13-955E-D47BC89A5F03} 2017-12-23 12:24 {DD3713B4-6A9C-A41F-A4DD-DDCB6A479E85} 2018-01-07 15:11 {DE63F96B-69C8-4EC0-88C2-DF56147786E2} 2018-01-07 21:37 {DF1A0EFC-68B1-B957-0B57-481F96264C8F} 2017-12-23 11:41 {E1000AE3-56AB-BD48-4F0E-0133D613684E} 2017-12-23 18:31 {E16FD496-56C4-633D-7FF0-D056CF88962A} 2018-01-07 15:25 {E22F207C-5584-97D7-6D9F-A37F92735DDB} 2017-12-29 11:50 {E61087EE-51BB-3045-ABEE-AC088A155B10} 2017-12-23 11:40 {E907D96A-5EAC-6EC1-7C8D-9C9BD7CBCFCC} 2017-12-29 11:44 {EC586671-5BF3-D1DA-7E9C-45CD2EA4E992} 2017-12-23 11:40 {F45CA71F-43F7-10B4-B902-8CC1E9479C18} 2018-01-03 23:14 {F4EBA29C-4340-1537-B5E9-80B8D00D21F1} 2017-12-23 11:40 {F607AA47-41AC-1DEC-CA3E-99EBA4B7834C} 2018-01-07 15:03 {F87D430C-4FD6-F4A7-F51C-94C5D877339A} 2017-12-23 11:42 {F8826BA8-4F29-DC03-3AE4-D841D7B99BFB} 2018-01-04 14:04 {F9056E0C-4EAE-D9A7-3CA9-44DF1B10C3CC} 2017-12-22 23:53 {FC03A0F1-4BA8-175A-2181-6725C69CADA6} 2017-12-23 11:40 {FECCE8F8-4967-5F53-E069-5E3900B872D9} 2017-12-23 11:37 {FEF4C5DD-495F-7276-271F-397A879C25B0} 1 plik(˘w) 266 bajt˘w 140 katalog(˘w) 34˙381˙352˙960 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a C:\Users\y\AppData\Local ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 8C2B-A2FE Katalog: C:\Users\y\AppData\Local 2018-07-27 15:07 . 2018-07-27 15:07 .. 2017-09-28 16:12 2K Games 2018-07-26 23:11 83D0C804-79DC-7E33-121A-9B3F7D8A3C44 2017-10-10 15:24 Adobe 2017-11-09 18:51 AMD 2017-08-09 13:24 Apps 2017-09-05 14:44 ATI 2018-07-26 20:08 Avg 2017-11-10 15:18 AvgSetupLog 2017-08-17 20:59 CEF 2018-01-28 16:45 Chromium 2018-05-03 01:28 Colossal Order 2018-07-26 19:46 CrashDumps 2017-08-08 14:25 Dane aplikacji [C:\Users\y\AppData\Local] 2017-09-30 09:40 Deployment 2018-07-13 16:40 Diagnostics 2018-04-02 12:31 Disc_Soft_Ltd 2018-01-07 23:14 Facebook 2017-10-24 13:05 FACEIT 2018-04-05 19:03 FACEITApp 2017-09-10 14:59 FM_Scout_Editor_2017 2017-12-29 16:48 FortniteGame 2018-07-26 20:04 58˙016 GDIPFONTCACHEV1.DAT 2018-06-20 23:05 GHISLER 2018-04-09 23:47 GOG.com 2017-09-30 09:43 Google 2017-11-05 17:34 HirezLauncherUI 2017-08-08 14:25 Historia [C:\Users\y\AppData\Local\Microsoft\Windows\History] 2018-07-26 23:11 1˙362˙725 IconCache.db 2017-09-16 20:07 Introversion 2017-09-09 17:27 IsolatedStorage 2018-07-23 21:11 LogMeIn 2018-07-27 15:00 LogMeIn Hamachi 2018-02-15 19:50 Microsoft 2018-04-28 22:15 Microsoft Games 2018-03-13 17:55 Notepad++ 2018-06-12 12:57 Nox 2018-04-05 19:02 OpenFM 2018-07-26 20:20 Opera Software 2017-09-06 14:14 Programs 2017-08-18 22:56 PunkBuster 2018-07-04 20:07 600 PUTTY.RND 2018-01-21 19:55 ScreenShu 2018-01-21 19:55 SHU 2017-09-29 18:11 SKIDROW 2017-09-13 16:17 Sports Interactive 2018-03-08 14:29 SquirrelTemp 2017-09-10 18:11 Steam 2018-07-27 15:05 Temp 2017-08-08 14:25 Temporary Internet Files [C:\Users\y\AppData\Local\Microsoft\Windows\Temporary Internet Files] 2018-02-07 18:00 The Witcher 2 2017-11-07 18:37 Ubisoft Game Launcher 2017-12-29 16:48 UnrealEngine 2017-12-29 15:27 UnrealEngineLauncher 2017-09-30 15:22 VirtualStore 3 plik(˘w) 1˙421˙341 bajt˘w 53 katalog(˘w) 34˙381˙357˙056 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a C:\Users\y\AppData\LocalLow ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 8C2B-A2FE Katalog: C:\Users\y\AppData\LocalLow 2018-06-13 18:46 . 2018-06-13 18:46 .. 2017-09-14 17:46 8floor 2018-01-22 18:55 CraftsmanGames 2017-09-15 22:40 Eggcode 2018-03-29 00:50 Jujubee S_A_ 2017-08-09 13:23 Microsoft 2018-03-19 12:40 Mozilla 2017-10-20 18:17 Oracle 2018-03-19 16:30 Robot Gentleman 2017-09-27 16:56 SKS 2017-09-07 17:51 stillalive studios GmbH 2017-08-30 22:59 Sun 2018-04-04 18:19 Teal Fire 2017-09-27 17:03 Unity 0 plik(˘w) 0 bajt˘w 15 katalog(˘w) 34˙381˙352˙960 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a C:\Users\y\AppData\Roaming ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 8C2B-A2FE Katalog: C:\Users\y\AppData\Roaming 2018-07-26 23:10 . 2018-07-26 23:10 .. 2018-07-26 22:33 .minecraft 2018-07-03 23:43 .minecraftzyczu 2018-05-03 01:18 .mono 2018-04-27 19:29 Adobe 2018-05-26 19:22 AndroidTbox 2018-04-11 07:41 ATI 2018-07-26 20:08 AVG 2018-05-18 15:48 DAEMON Tools Lite 2018-06-18 19:55 FMRTE17 2018-04-14 19:53 GHISLER 2018-04-24 18:47 Glador 2017-09-30 09:47 Google 2018-05-18 15:19 Microsoft 2017-09-23 11:11 Opera Software 2018-04-18 09:35 Sun 2018-07-26 23:16 TS3Client 2018-06-25 19:53 uTorrent 2018-04-12 20:07 WinRAR 0 plik(˘w) 0 bajt˘w 20 katalog(˘w) 34˙381˙352˙960 bajt˘w wolnych ========= Koniec CMD: ========= ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= Koniec Powershell: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6834276 B Java, Flash, Steam htmlcache => 89853774 B Windows/system/drivers => 71624 B Edge => 0 B Chrome => 84897104 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 16802 B systemprofile32 => 33253 B LocalService => 0 B NetworkService => 0 B y => 56646704 B Gość => 98975 B RecycleBin => 497498 B EmptyTemp: => 235.9 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 15:08:06 ====