SHARE
TWEET

Untitled

a guest Nov 27th, 2019 106 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 25-11-2019 01
  2. Uruchomiony przez paula (27-11-2019 17:05:27) Run:1
  3. Uruchomiony z C:\Users\paula\Downloads
  4. Załadowane profile: paula (Dostępne profile: paula)
  5. Tryb startu: Normal
  6. ==============================================
  7.  
  8. fixlist - zawartość:
  9. *****************
  10. CloseProcesses:
  11. CreateRestorePoint:
  12. HKLM\...\RunOnce: [fo0a2tt0kvj] => C:\Program Files (x86)\Bathou\844478514.exe [481280 2019-11-23] (Merit) [Brak podpisu cyfrowego]
  13. HKLM\...\RunOnce: [pst1jqysw2k] => C:\Program Files (x86)\Bathou\317253759.exe [481280 2019-11-23] (Merit) [Brak podpisu cyfrowego]
  14. HKLM\...\RunOnce: [q2b3plsg22w] => C:\Program Files (x86)\Bathou\817915740.exe [481280 2019-11-23] (Merit) [Brak podpisu cyfrowego]
  15. HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
  16. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\...\Run: [6495628] => C:\Users\paula\AppData\Local\Temp\is-PH4IE.tmp\Coursers.exe [738579 2019-11-22] ( ) [Brak podpisu cyfrowego] <==== UWAGA
  17. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\...\Run: [7464317] => C:\Users\paula\AppData\Local\Temp\is-IOF0N.tmp\Coursers.exe [738579 2019-11-22] ( ) [Brak podpisu cyfrowego] <==== UWAGA
  18. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\...\Run: [1409931] => C:\Users\paula\AppData\Local\Temp\is-LF3IV.tmp\Coursers.exe [738579 2019-11-22] ( ) [Brak podpisu cyfrowego] <==== UWAGA
  19. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\...\Run: [7947509] => "C:\Users\paula\AppData\Local\Temp\is-SUB50.tmp\Coursers.exe" /VERYSILENT <==== UWAGA
  20. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\...\Run: [2316180] => C:\Users\paula\AppData\Roaming\zq1dre1tro3\anug5mbc1sc.exe [4330381 2019-11-25] ( ) [Brak podpisu cyfrowego]
  21. AppInit_DLLs: C:\ProgramData\Quoteex\Damjob.dll => C:\ProgramData\Quoteex\Damjob.dll [342528 2019-11-24] () [Brak podpisu cyfrowego]
  22. AppInit_DLLs-x32: C:\ProgramData\Quoteex\Ronzimnix.dll => Brak pliku
  23. GroupPolicy: Ograniczenia - Chrome <==== UWAGA
  24. FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
  25. CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
  26. Task: {1A050D5F-3A43-4D45-BEE3-DFC651F7C340} - System32\Tasks\RyVdMRuJrFpvTQ => rundll32 "C:\Program Files (x86)\FEoZIHJcyOcU2\LtyNFqrghvDym.dll",#1
  27. Task: {2E056063-0F86-4FD9-950F-0DC18DB69802} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== UWAGA
  28. Task: {4078A3FB-7011-4565-9A20-1C86BD1951AF} - System32\Tasks\gvVywgorzMDAb2 => C:\Windows\system32\wscript.exe "C:\ProgramData\KzqIhdLMAbFSuYVB\zkTrZAC.wsf"
  29. Task: {4C48B546-F6D9-453A-8985-C43DDB046E49} - System32\Tasks\OZuycACZFPpjRdw2 => rundll32 "C:\Program Files (x86)\malhLxIDU\mAEHxg.dll",#1
  30. Task: {6DD48B93-0A11-4F68-847F-D27299F19641} - System32\Tasks\fMbKWJvlURLuzEMtb2 => rundll32 "C:\Program Files (x86)\RbAMuAKQlBOkrQZUeUR\njxwxvc.dll",#1
  31. Task: {F6FE7CB9-882B-4C1A-A5CB-1F446E41221C} - System32\Tasks\FtWAaXskhGyPkYAgsQK2 => rundll32 "C:\Program Files (x86)\njcqHiQFWuxsC\NUyCdlW.dll",#1
  32. Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
  33. Task: C:\Windows\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
  34. Task: C:\Windows\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
  35. Task: C:\Windows\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
  36. Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== UWAGA
  37. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYpEu3QWpfYxwNGsiS5Sz4pbehwe7cONIzJZJgtGiyRJV-qHKJD-0NDBv6AP83p-C9x0x-CDWwYtLTcPhxdjmiIr65D_OG_7co3yPfpSvtNfiQRrJjOFpFsY_VmlnotDxVf9JQ-Nlj9may4hj5gnV6GLIE5dn-p&q={searchTerms}
  38. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYpEu3QWpfYxwNGsiS5Sz4pbehwe7cONIzJZJgtGiyRJV-qHKJD-0NDBv6AP83p-C99eNNeTYqRhbg1RHOgeROFllbHwx7KixeoM7hJmF5LUQopywWzbBzCGE3PsOKIL6stYjIB2YMqEVMvqDH8E8jLBDEDE1Wa
  39. SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
  40. SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYpEu3QWpfYxwNGsiS5Sz4pbehwe7cONIzJZJgtGiyRJV-qHKJD-0NDBv6AP83p-C9x0x-CDWwYtLTcPhxdjmiIr65D_OG_7co3yPfpSvtNfiQRrJjOFpFsY_VmlnotDxVf9JQ-Nlj9may4hj5gnV6GLIE5dn-p&q={searchTerms}
  41. SearchScopes: HKU\S-1-5-21-2858759977-1372284025-741021665-1001 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYpEu3QWpfYxwNGsiS5Sz4pbehwe7cONIzJZJgtGiyRJV-qHKJD-0NDBv6AP83p-C9x0x-CDWwYtLTcPhxdjmiIr65D_OG_7co3yPfpSvtNfiQRrJjOFpFsY_VmlnotDxVf9JQ-Nlj9may4hj5gnV6GLIE5dn-p&q={searchTerms}
  42. SearchScopes: HKU\S-1-5-21-2858759977-1372284025-741021665-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYpEu3QWpfYxwNGsiS5Sz4pbehwe7cONIzJZJgtGiyRJV-qHKJD-0NDBv6AP83p-C9x0x-CDWwYtLTcPhxdjmiIr65D_OG_7co3yPfpSvtNfiQRrJjOFpFsY_VmlnotDxVf9JQ-Nlj9may4hj5gnV6GLIE5dn-p&q={searchTerms}
  43. BHO: YoutubeAdBlock -> {1C77EC69-5EA3-4241-87D8-AC5A3B0ADAD1} -> C:\Program Files (x86)\DleyWJGFVIE\teQuruW.dll => Brak pliku
  44. BHO-x32: YoutubeAdBlock -> {1C77EC69-5EA3-4241-87D8-AC5A3B0ADAD1} -> C:\Program Files (x86)\DleyWJGFVIE\k3RMwvtS.dll => Brak pliku
  45. S2 backlh; C:\ProgramData\Logic Cramble\set.exe [3780096 2019-11-24] () [Brak podpisu cyfrowego] <==== UWAGA
  46. R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [11776224 2019-11-24] (EnigmaSoft Limited -> EnigmaSoft Limited)
  47. R2 EventSvc; C:\ProgramData\EventSvc\eventsvc.exe [360448 2018-07-24] (CloudBees, Inc.) [Brak podpisu cyfrowego] <==== UWAGA
  48. R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [519904 2019-11-24] (EnigmaSoft Limited -> EnigmaSoft Limited)
  49. R3 EnigmaFileMonDriver; C:\Windows\System32\drivers\EnigmaFileMonDriver.sys [68424 2019-11-25] (EnigmaSoft Limited -> EnigmaSoft Limited)
  50. C:\Program Files\XOA8L2ZESJ
  51. C:\Program Files\ADHNT25FRF
  52. C:\Program Files\4EA0HTD2Q0
  53. C:\Users\paula\AppData\Roaming\qydosc0fukc
  54. C:\Users\paula\AppData\Roaming\dj3ef3bj2h3
  55. C:\Users\paula\AppData\Roaming\zq1dre1tro3
  56. C:\ProgramData\KzqIhdLMAbFSuYVB
  57. C:\Program Files (x86)\Bathou
  58. C:\ProgramData\Quoteexs
  59. C:\ProgramData\Quoteex
  60. ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
  61. ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
  62. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\...\StartupApproved\Run: => "7947509"
  63. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\...\StartupApproved\Run: => "1409931"
  64. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\...\StartupApproved\Run: => "7464317"
  65. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\...\StartupApproved\Run: => "6495628"
  66. CMD: ipconfig /flushdns
  67. CMD: netsh advfirewall set allprofiles state Off
  68. CMD: netsh advfirewall reset
  69. CMD: netsh int ipv4 reset all
  70. CMD: netsh int ipv6 reset all
  71. CMD: netsh int httpstunnel reset all
  72. CMD: netsh int portproxy reset all
  73. CMD: netsh int tcp reset all
  74. CMD: ipconfig /release
  75. CMD: ipconfig /renew
  76. Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
  77. EmptyTemp:
  78.  
  79. *****************
  80.  
  81. Procesy zostały pomyślnie zamknięte.
  82. Punkt przywracania został pomyślnie utworzony.
  83. "HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\fo0a2tt0kvj" => nie znaleziono
  84. "HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\pst1jqysw2k" => nie znaleziono
  85. "HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\q2b3plsg22w" => nie znaleziono
  86. HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => pomyślnie usunięto
  87. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\Software\Microsoft\Windows\CurrentVersion\Run\\6495628" => pomyślnie usunięto
  88. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\Software\Microsoft\Windows\CurrentVersion\Run\\7464317" => pomyślnie usunięto
  89. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\Software\Microsoft\Windows\CurrentVersion\Run\\1409931" => pomyślnie usunięto
  90. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\Software\Microsoft\Windows\CurrentVersion\Run\\7947509" => pomyślnie usunięto
  91. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\Software\Microsoft\Windows\CurrentVersion\Run\\2316180" => pomyślnie usunięto
  92. "C:\ProgramData\Quoteex\Damjob.dll" => Dane wartości pomyślnie usunięto
  93. "C:\ProgramData\Quoteex\Ronzimnix.dll" => Dane wartości pomyślnie usunięto
  94. C:\Windows\system32\GroupPolicy\Machine => pomyślnie przeniesiono
  95. C:\Windows\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
  96. HKLM\SOFTWARE\Policies\Mozilla => pomyślnie usunięto
  97. HKLM\SOFTWARE\Policies\Google => pomyślnie usunięto
  98. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A050D5F-3A43-4D45-BEE3-DFC651F7C340}" => pomyślnie usunięto
  99. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A050D5F-3A43-4D45-BEE3-DFC651F7C340}" => pomyślnie usunięto
  100. C:\Windows\System32\Tasks\RyVdMRuJrFpvTQ => pomyślnie przeniesiono
  101. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RyVdMRuJrFpvTQ" => pomyślnie usunięto
  102. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E056063-0F86-4FD9-950F-0DC18DB69802}" => pomyślnie usunięto
  103. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E056063-0F86-4FD9-950F-0DC18DB69802}" => pomyślnie usunięto
  104. C:\Windows\System32\Tasks\Updater_Online_Application => pomyślnie przeniesiono
  105. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater_Online_Application" => pomyślnie usunięto
  106. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4078A3FB-7011-4565-9A20-1C86BD1951AF}" => pomyślnie usunięto
  107. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4078A3FB-7011-4565-9A20-1C86BD1951AF}" => pomyślnie usunięto
  108. C:\Windows\System32\Tasks\gvVywgorzMDAb2 => pomyślnie przeniesiono
  109. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gvVywgorzMDAb2" => pomyślnie usunięto
  110. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C48B546-F6D9-453A-8985-C43DDB046E49}" => pomyślnie usunięto
  111. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C48B546-F6D9-453A-8985-C43DDB046E49}" => pomyślnie usunięto
  112. C:\Windows\System32\Tasks\OZuycACZFPpjRdw2 => pomyślnie przeniesiono
  113. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OZuycACZFPpjRdw2" => pomyślnie usunięto
  114. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6DD48B93-0A11-4F68-847F-D27299F19641}" => pomyślnie usunięto
  115. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD48B93-0A11-4F68-847F-D27299F19641}" => pomyślnie usunięto
  116. C:\Windows\System32\Tasks\fMbKWJvlURLuzEMtb2 => pomyślnie przeniesiono
  117. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fMbKWJvlURLuzEMtb2" => pomyślnie usunięto
  118. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F6FE7CB9-882B-4C1A-A5CB-1F446E41221C}" => pomyślnie usunięto
  119. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6FE7CB9-882B-4C1A-A5CB-1F446E41221C}" => pomyślnie usunięto
  120. C:\Windows\System32\Tasks\FtWAaXskhGyPkYAgsQK2 => pomyślnie przeniesiono
  121. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FtWAaXskhGyPkYAgsQK2" => pomyślnie usunięto
  122. C:\Windows\Tasks\Online Application V2G3.job => pomyślnie przeniesiono
  123. C:\Windows\Tasks\Online Application V2G4.job => pomyślnie przeniesiono
  124. C:\Windows\Tasks\Online Application V2G5.job => pomyślnie przeniesiono
  125. C:\Windows\Tasks\Online Application V2G6.job => pomyślnie przeniesiono
  126. C:\Windows\Tasks\Updater_Online_Application.job => pomyślnie przeniesiono
  127. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\Software\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono
  128. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono
  129. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Wartość pomyślnie przywrócono
  130. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch => pomyślnie usunięto
  131. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto
  132. HKU\S-1-5-21-2858759977-1372284025-741021665-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} => pomyślnie usunięto
  133. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C77EC69-5EA3-4241-87D8-AC5A3B0ADAD1} => pomyślnie usunięto
  134. HKLM\Software\Classes\CLSID\{1C77EC69-5EA3-4241-87D8-AC5A3B0ADAD1} => pomyślnie usunięto
  135. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C77EC69-5EA3-4241-87D8-AC5A3B0ADAD1} => pomyślnie usunięto
  136. HKLM\Software\Wow6432Node\Classes\CLSID\{1C77EC69-5EA3-4241-87D8-AC5A3B0ADAD1} => pomyślnie usunięto
  137. HKLM\System\CurrentControlSet\Services\backlh => pomyślnie usunięto
  138. backlh => serwis pomyślnie usunięto
  139. EsgShKernel => serwis nie znaleziono.
  140. HKLM\System\CurrentControlSet\Services\EventSvc => pomyślnie usunięto
  141. EventSvc => serwis pomyślnie usunięto
  142. ShMonitor => serwis nie znaleziono.
  143. EnigmaFileMonDriver => serwis nie znaleziono.
  144. C:\Program Files\XOA8L2ZESJ => pomyślnie przeniesiono
  145. C:\Program Files\ADHNT25FRF => pomyślnie przeniesiono
  146. C:\Program Files\4EA0HTD2Q0 => pomyślnie przeniesiono
  147. C:\Users\paula\AppData\Roaming\qydosc0fukc => pomyślnie przeniesiono
  148. C:\Users\paula\AppData\Roaming\dj3ef3bj2h3 => pomyślnie przeniesiono
  149. C:\Users\paula\AppData\Roaming\zq1dre1tro3 => pomyślnie przeniesiono
  150. C:\ProgramData\KzqIhdLMAbFSuYVB => pomyślnie przeniesiono
  151. C:\Program Files (x86)\Bathou => pomyślnie przeniesiono
  152. C:\ProgramData\Quoteexs => pomyślnie przeniesiono
  153. C:\ProgramData\Quoteex => pomyślnie przeniesiono
  154. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => pomyślnie usunięto
  155. HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => pomyślnie usunięto
  156. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\7947509" => pomyślnie usunięto
  157. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\7947509" => nie znaleziono
  158. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\1409931" => pomyślnie usunięto
  159. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\1409931" => nie znaleziono
  160. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\7464317" => pomyślnie usunięto
  161. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\7464317" => nie znaleziono
  162. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\6495628" => pomyślnie usunięto
  163. "HKU\S-1-5-21-2858759977-1372284025-741021665-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\6495628" => nie znaleziono
  164.  
  165. ========= ipconfig /flushdns =========
  166.  
  167.  
  168. Windows IP Configuration
  169.  
  170. Successfully flushed the DNS Resolver Cache.
  171.  
  172. ========= Koniec  CMD: =========
  173.  
  174.  
  175. ========= netsh advfirewall set allprofiles state Off =========
  176.  
  177. Ok.
  178.  
  179.  
  180. ========= Koniec  CMD: =========
  181.  
  182.  
  183. ========= netsh advfirewall reset =========
  184.  
  185. Ok.
  186.  
  187.  
  188. ========= Koniec  CMD: =========
  189.  
  190.  
  191. ========= netsh int ipv4 reset all =========
  192.  
  193. Resetting Compartment Forwarding, OK!
  194. Resetting Compartment, OK!
  195. Resetting Control Protocol, OK!
  196. Resetting Echo Sequence Request, OK!
  197. Resetting Global, OK!
  198. Resetting Interface, OK!
  199. Resetting Anycast Address, OK!
  200. Resetting Multicast Address, OK!
  201. Resetting Unicast Address, OK!
  202. Resetting Neighbor, OK!
  203. Resetting Path, OK!
  204. Resetting Potential, OK!
  205. Resetting Prefix Policy, OK!
  206. Resetting Proxy Neighbor, OK!
  207. Resetting Route, OK!
  208. Resetting Site Prefix, OK!
  209. Resetting Subinterface, OK!
  210. Resetting Wakeup Pattern, OK!
  211. Resetting Resolve Neighbor, OK!
  212. Resetting , OK!
  213. Resetting , OK!
  214. Resetting , OK!
  215. Resetting , OK!
  216. Resetting , failed.
  217. Odmowa dost©pu.
  218.  
  219. Resetting , OK!
  220. Resetting , OK!
  221. Resetting , OK!
  222. Resetting , OK!
  223. Resetting , OK!
  224. Resetting , OK!
  225. Resetting , OK!
  226. Restart the computer to complete this action.
  227.  
  228.  
  229. ========= Koniec  CMD: =========
  230.  
  231.  
  232. ========= netsh int ipv6 reset all =========
  233.  
  234. Resetting Compartment Forwarding, OK!
  235. Resetting Compartment, OK!
  236. Resetting Control Protocol, OK!
  237. Resetting Echo Sequence Request, OK!
  238. Resetting Global, OK!
  239. Resetting Interface, OK!
  240. Resetting Anycast Address, OK!
  241. Resetting Multicast Address, OK!
  242. Resetting Unicast Address, OK!
  243. Resetting Neighbor, OK!
  244. Resetting Path, OK!
  245. Resetting Potential, OK!
  246. Resetting Prefix Policy, OK!
  247. Resetting Proxy Neighbor, OK!
  248. Resetting Route, OK!
  249. Resetting Site Prefix, OK!
  250. Resetting Subinterface, OK!
  251. Resetting Wakeup Pattern, OK!
  252. Resetting Resolve Neighbor, OK!
  253. Resetting , OK!
  254. Resetting , OK!
  255. Resetting , OK!
  256. Resetting , OK!
  257. Resetting , failed.
  258. Odmowa dost©pu.
  259.  
  260. Resetting , OK!
  261. Resetting , OK!
  262. Resetting , OK!
  263. Resetting , OK!
  264. Resetting , OK!
  265. Resetting , OK!
  266. Resetting , OK!
  267. Restart the computer to complete this action.
  268.  
  269.  
  270. ========= Koniec  CMD: =========
  271.  
  272.  
  273. ========= netsh int httpstunnel reset all =========
  274.  
  275.  
  276.  
  277. ========= Koniec  CMD: =========
  278.  
  279.  
  280. ========= netsh int portproxy reset all =========
  281.  
  282.  
  283.  
  284. ========= Koniec  CMD: =========
  285.  
  286.  
  287. ========= netsh int tcp reset all =========
  288.  
  289.  
  290. Reset of all TCP parameters OK!
  291. Ok.
  292.  
  293.  
  294. ========= Koniec  CMD: =========
  295.  
  296.  
  297. ========= ipconfig /release =========
  298.  
  299.  
  300. Windows IP Configuration
  301.  
  302. No operation can be performed on Ethernet while it has its media disconnected.
  303. No operation can be performed on PoˆĄczenie lokalne* 1 while it has its media disconnected.
  304. No operation can be performed on PoˆĄczenie lokalne* 2 while it has its media disconnected.
  305. No operation can be performed on PoˆĄczenie sieciowe Bluetooth while it has its media disconnected.
  306.  
  307. Ethernet adapter Ethernet:
  308.  
  309.    Media State . . . . . . . . . . . : Media disconnected
  310.    Connection-specific DNS Suffix  . :
  311.  
  312. Wireless LAN adapter PoˆĄczenie lokalne* 1:
  313.  
  314.    Media State . . . . . . . . . . . : Media disconnected
  315.    Connection-specific DNS Suffix  . :
  316.  
  317. Wireless LAN adapter PoˆĄczenie lokalne* 2:
  318.  
  319.    Media State . . . . . . . . . . . : Media disconnected
  320.    Connection-specific DNS Suffix  . :
  321.  
  322. Wireless LAN adapter Wi-Fi:
  323.  
  324.    Connection-specific DNS Suffix  . :
  325.    Link-local IPv6 Address . . . . . : fe80::751a:56dc:c485:9f97%16
  326.    Default Gateway . . . . . . . . . :
  327.  
  328. Ethernet adapter PoˆĄczenie sieciowe Bluetooth:
  329.  
  330.    Media State . . . . . . . . . . . : Media disconnected
  331.    Connection-specific DNS Suffix  . :
  332.  
  333. ========= Koniec  CMD: =========
  334.  
  335.  
  336. ========= ipconfig /renew =========
  337.  
  338.  
  339. Windows IP Configuration
  340.  
  341. No operation can be performed on Ethernet while it has its media disconnected.
  342. No operation can be performed on PoˆĄczenie lokalne* 1 while it has its media disconnected.
  343. No operation can be performed on PoˆĄczenie lokalne* 2 while it has its media disconnected.
  344. No operation can be performed on PoˆĄczenie sieciowe Bluetooth while it has its media disconnected.
  345.  
  346. Ethernet adapter Ethernet:
  347.  
  348.    Media State . . . . . . . . . . . : Media disconnected
  349.    Connection-specific DNS Suffix  . :
  350.  
  351. Wireless LAN adapter PoˆĄczenie lokalne* 1:
  352.  
  353.    Media State . . . . . . . . . . . : Media disconnected
  354.    Connection-specific DNS Suffix  . :
  355.  
  356. Wireless LAN adapter PoˆĄczenie lokalne* 2:
  357.  
  358.    Media State . . . . . . . . . . . : Media disconnected
  359.    Connection-specific DNS Suffix  . :
  360.  
  361. Wireless LAN adapter Wi-Fi:
  362.  
  363.    Connection-specific DNS Suffix  . : NAT.warszawa.vectranet.pl
  364.    Link-local IPv6 Address . . . . . : fe80::751a:56dc:c485:9f97%16
  365.    IPv4 Address. . . . . . . . . . . : 192.168.0.14
  366.    Subnet Mask . . . . . . . . . . . : 255.255.255.0
  367.    Default Gateway . . . . . . . . . : 192.168.0.1
  368.  
  369. Ethernet adapter PoˆĄczenie sieciowe Bluetooth:
  370.  
  371.    Media State . . . . . . . . . . . : Media disconnected
  372.    Connection-specific DNS Suffix  . :
  373.  
  374. ========= Koniec  CMD: =========
  375.  
  376.  
  377. ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} =========
  378.  
  379. wevtutil : Failed to clear log Microsoft-Windows-LiveId/Analytic.
  380. At C:\FRST\tmp.ps1:1 char:31
  381. + wevtutil el | Foreach-Object {wevtutil cl "$_"}
  382. +                               ~~~~~~~~~~~~~~~~
  383.     + CategoryInfo          : NotSpecified: (Failed to clear...iveId/Analytic.:String) [], RemoteException
  384.     + FullyQualifiedErrorId : NativeCommandError
  385.  
  386. Odmowa dostŕpu.
  387.  
  388. wevtutil : Failed to clear log Microsoft-Windows-LiveId/Operational.
  389. At C:\FRST\tmp.ps1:1 char:31
  390. + wevtutil el | Foreach-Object {wevtutil cl "$_"}
  391. +                               ~~~~~~~~~~~~~~~~
  392.     + CategoryInfo          : NotSpecified: (Failed to clear...Id/Operational.:String) [], RemoteException
  393.     + FullyQualifiedErrorId : NativeCommandError
  394.  
  395. Odmowa dostŕpu.
  396.  
  397.  
  398. ========= Koniec  Powershell: =========
  399.  
  400.  
  401. =========== EmptyTemp: ==========
  402.  
  403. BITS transfer queue => 7626752 B
  404. DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 119431890 B
  405. Java, Flash, Steam htmlcache => 0 B
  406. Windows/system/drivers => 68962200 B
  407. Edge => 12513777 B
  408. Chrome => 373996952 B
  409. Firefox => 0 B
  410. Opera => 0 B
  411.  
  412. Temp, IE cache, history, cookies, recent:
  413. Default => 0 B
  414. Users => 0 B
  415. ProgramData => 0 B
  416. Public => 0 B
  417. systemprofile => 0 B
  418. systemprofile32 => 0 B
  419. LocalService => 3738 B
  420. NetworkService => 43729908 B
  421. paula => 531125361 B
  422.  
  423. RecycleBin => 0 B
  424. EmptyTemp: => 1.1 GB danych tymczasowych Usunięto.
  425.  
  426. ================================
  427.  
  428.  
  429. System wymagał restartu.
  430.  
  431. ==== Koniec  Fixlog 17:18:06 ====
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top