REKLAMA

Fixlog.txt

Kaspersky free - blokuje strony internetowe HEUR: Trojan.script.Miner.gen

Zrobiłem jak powiedziałeś. Dodaje fixlog i pliki z ponownego skanowania po naprawie.


Pobierz plik - link do postu

Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 24.12.2018
Uruchomiony przez Mariusz (26-12-2018 12:17:33) Run:1
Uruchomiony z C:\Users\Mariusz\Desktop
Załadowane profile: Mariusz (Dostępne profile: Mariusz & GUEST & Gość)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
Task: {121AF220-DE46-46A2-884D-851A48A9112A} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} = & gt; C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {249EE108-3B5D-4035-8D52-0A65DE5F46A0} - System32\Tasks\{7A86863B-9A79-4FED-A430-E050A95F649C} = & gt; C:\WINDOWS\system32\pcalua.exe -a D:\Gry\WoW\unins000.exe
Task: {6CD09A8A-02E5-4EF2-819A-A7E8285F8BE2} - System32\Tasks\{779D4AB0-BD6B-4839-8E4B-10251C3376A0} = & gt; C:\WINDOWS\system32\pcalua.exe -a G:\Setup\rsrc\Autorun.exe -d G:\
AlternateDataStreams: C:\WINDOWS\system32\adhsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BdeHdCfgLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\consent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dhcpsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftbusui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FTLang.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fvecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\httpprxm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\httpprxp.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\LocationApi.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlows.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VSSVC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Devices.Geolocation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\WorkfoldersControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WsmAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dhcpsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dsparse.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\fog.dll:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IPHLPAPI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LocationApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingMonitor.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\shacct.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wfapigp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dtliteusbbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ftdibus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ftser2k.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IPMIDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mup.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndiswan.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rasl2tp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\volmgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\volsnap.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vpci.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:72CCCD14 [207]
AlternateDataStreams: C:\Users\Mariusz\Documents\iview441_setup.exe:BDU [0]
Hosts:
HKLM-x32\...\Run: [] = & gt; [X]
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {0372a43b-b45d-11e5-be79-2016d827b5ff} - " E:\Autorun.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {201781c2-c90a-11e5-be80-2016d827b5ff} - " G:\Setup.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {20178e73-c90a-11e5-be80-2016d827b5ff} - " J:\setup.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {31e0feb5-275e-11e6-be9a-2016d827b5ff} - " G:\setup.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {385cbe2d-8a97-11e5-be6b-2016d827b5ff} - " G:\setup.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {6a8df0c5-8ae8-11e5-be6e-2016d827b5ff} - " E:\setup.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {6a8df238-8ae8-11e5-be6e-2016d827b5ff} - " H:\setup.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {7d4bf22e-3339-11e6-be9d-2016d827b5ff} - " L:\setup.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {832debf7-c1f7-11e7-bf03-2016d827b5ff} - " E:\LaunchU3.exe " -a
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {c719cee4-0ed8-11e6-be92-2016d827b5ff} - " I:\AutoRun.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {c719cf81-0ed8-11e6-be92-2016d827b5ff} - " I:\AutoRun.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {e4bd6feb-c3a0-11e5-be7d-2016d827b5ff} - " H:\setup.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {e710629c-179c-11e6-be96-2016d827b5ff} - " E:\AutoRun.exe "
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {f8c164e8-6265-11e6-beb8-2016d827b5ff} - " E:\setup.exe "
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Ograniczenia ? & lt; ==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
FF Extension: (Brak nazwy) - C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\y5iryq58.default\extensions\WebProtection@360safe.com [nie znaleziono]
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; D:\Gry\Neverwinter\Arc\plugins\flash\NPSWF32.dll [Brak pliku]
CHR HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
2018-12-25 09:41 - 2016-12-27 16:27 - 000000000 ____D C:\Program Files (x86)\360
2018-12-25 09:32 - 2016-12-27 18:42 - 000000000 __SHD C:\$360Section
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
" HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{121AF220-DE46-46A2-884D-851A48A9112A} " = & gt; pomyślnie usunięto
" HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{121AF220-DE46-46A2-884D-851A48A9112A} " = & gt; pomyślnie usunięto
C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} = & gt; pomyślnie przeniesiono
" HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} " = & gt; pomyślnie usunięto
" HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{249EE108-3B5D-4035-8D52-0A65DE5F46A0} " = & gt; pomyślnie usunięto
" HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{249EE108-3B5D-4035-8D52-0A65DE5F46A0} " = & gt; pomyślnie usunięto
C:\WINDOWS\System32\Tasks\{7A86863B-9A79-4FED-A430-E050A95F649C} = & gt; pomyślnie przeniesiono
" HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7A86863B-9A79-4FED-A430-E050A95F649C} " = & gt; pomyślnie usunięto
" HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6CD09A8A-02E5-4EF2-819A-A7E8285F8BE2} " = & gt; pomyślnie usunięto
" HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CD09A8A-02E5-4EF2-819A-A7E8285F8BE2} " = & gt; pomyślnie usunięto
C:\WINDOWS\System32\Tasks\{779D4AB0-BD6B-4839-8E4B-10251C3376A0} = & gt; pomyślnie przeniesiono
" HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{779D4AB0-BD6B-4839-8E4B-10251C3376A0} " = & gt; pomyślnie usunięto
C:\WINDOWS\system32\adhsvc.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\AppXDeploymentExtensions.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\basesrv.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\BdeHdCfgLib.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\consent.exe = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\dhcpsapi.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\ftbusui.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\ftcserco.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\ftd2xx.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\FTLang.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\ftserui2.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\fvecpl.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\FWPUCLNT.DLL = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\FwRemoteSvr.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\httpprxm.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\httpprxp.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\LocationApi.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\mtxoci.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\polstore.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\SettingsHandlers.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\SettingSync.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\SettingSyncHost.exe = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\SystemSettingsAdminFlows.exe = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\themecpl.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\usercpl.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\VSSVC.exe = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\Windows.Devices.Geolocation.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\WorkfoldersControl.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\WsmAgent.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\WsmAuto.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\dhcpsapi.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\dsparse.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\fog.dll = & gt; " :$CmdZnID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\ftd2xx.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\FWPUCLNT.DLL = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\FwRemoteSvr.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\gpapi.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\hgcpl.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\IPHLPAPI.DLL = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\LocationApi.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\msorcl32.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\mswsock.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\mtxoci.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\polstore.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\SettingMonitor.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\SettingSync.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\SettingSyncCore.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\SettingSyncHost.exe = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\shacct.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\stobject.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\themecpl.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\usercpl.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\wfapigp.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\Windows.UI.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\ws2_32.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\WsmAgent.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\SysWOW64\WsmAuto.dll = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\Drivers\dtliteusbbus.sys = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\Drivers\ftdibus.sys = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\Drivers\ftser2k.sys = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\Drivers\IPMIDrv.sys = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\Drivers\mup.sys = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\Drivers\ndiswan.sys = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\Drivers\rasl2tp.sys = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\Drivers\volmgr.sys = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\Drivers\volsnap.sys = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\WINDOWS\system32\Drivers\vpci.sys = & gt; " :$CmdTcID " ADS pomyślnie usunięto
C:\ProgramData\TEMP = & gt; " :72CCCD14 " ADS pomyślnie usunięto
C:\Users\Mariusz\Documents\iview441_setup.exe = & gt; " :BDU " ADS pomyślnie usunięto
C:\Windows\System32\Drivers\etc\hosts = & gt; pomyślnie przeniesiono
Hosts pomyślnie przywrócono.
" HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ " = & gt; pomyślnie usunięto
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0372a43b-b45d-11e5-be79-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{0372a43b-b45d-11e5-be79-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{201781c2-c90a-11e5-be80-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{201781c2-c90a-11e5-be80-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{20178e73-c90a-11e5-be80-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{20178e73-c90a-11e5-be80-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31e0feb5-275e-11e6-be9a-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{31e0feb5-275e-11e6-be9a-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{385cbe2d-8a97-11e5-be6b-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{385cbe2d-8a97-11e5-be6b-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a8df0c5-8ae8-11e5-be6e-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{6a8df0c5-8ae8-11e5-be6e-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a8df238-8ae8-11e5-be6e-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{6a8df238-8ae8-11e5-be6e-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d4bf22e-3339-11e6-be9d-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{7d4bf22e-3339-11e6-be9d-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{832debf7-c1f7-11e7-bf03-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{832debf7-c1f7-11e7-bf03-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c719cee4-0ed8-11e6-be92-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{c719cee4-0ed8-11e6-be92-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c719cf81-0ed8-11e6-be92-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{c719cf81-0ed8-11e6-be92-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4bd6feb-c3a0-11e5-be7d-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{e4bd6feb-c3a0-11e5-be7d-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e710629c-179c-11e6-be96-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{e710629c-179c-11e6-be96-2016d827b5ff} = & gt; nie znaleziono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8c164e8-6265-11e6-beb8-2016d827b5ff} = & gt; pomyślnie usunięto
HKLM\Software\Classes\CLSID\{f8c164e8-6265-11e6-beb8-2016d827b5ff} = & gt; nie znaleziono
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute = & gt; Wartość pomyślnie przywrócono
C:\WINDOWS\system32\GroupPolicy\Machine = & gt; pomyślnie przeniesiono
C:\WINDOWS\system32\GroupPolicy\GPT.ini = & gt; pomyślnie przeniesiono
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini = & gt; pomyślnie przeniesiono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page = & gt; Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page = & gt; Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL = & gt; Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL = & gt; Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL = & gt; Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL = & gt; Wartość pomyślnie przywrócono
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\Software\Microsoft\Internet Explorer\Main\\Start Page = & gt; Wartość pomyślnie przywrócono
C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\y5iryq58.default\extensions\WebProtection@360safe.com = & gt; ścieżki pomyślnie usunięto
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer = & gt; pomyślnie usunięto
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj = & gt; pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\BRDriver64_1_3_3_E02B25FC = & gt; pomyślnie usunięto
BRDriver64_1_3_3_E02B25FC = & gt; serwis pomyślnie usunięto
C:\Program Files (x86)\360 = & gt; pomyślnie przeniesiono
C:\$360Section = & gt; pomyślnie przeniesiono

=========== EmptyTemp: ==========

BITS transfer queue = & gt; 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache = & gt; 154375089 B
Java, Flash, Steam htmlcache = & gt; 257049513 B
Windows/system/drivers = & gt; 98980254 B
Edge = & gt; 0 B
Chrome = & gt; 567919947 B
Firefox = & gt; 7435910 B
Opera = & gt; 0 B

Temp, IE cache, history, cookies, recent:
Default = & gt; 0 B
Users = & gt; 0 B
ProgramData = & gt; 0 B
Public = & gt; 0 B
systemprofile = & gt; 128 B
systemprofile32 = & gt; 313038 B
LocalService = & gt; 147564 B
NetworkService = & gt; 928054 B
Mariusz = & gt; 968695096 B
GUEST = & gt; 6718 B
Gość = & gt; 16314 B

RecycleBin = & gt; 31890 B
EmptyTemp: = & gt; 1.9 GB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec Fixlog 12:18:22 ====