Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 28-09-2019
Uruchomiony przez OM (28-09-2019 11:14:51) Run:1
Uruchomiony z C:\Users\OM\Desktop
Załadowane profile: OM (Dostępne profile: OM)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {1f2acfa6-ba65-11e7-864b-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {24f5e2ea-9067-11e9-a7fd-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {2db2edb0-0cdf-11e9-b76a-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {2ec04d9c-ee1e-11e5-b1d3-dca9715a595a} - F:\LGAutoRun.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {6a223521-1520-11e6-9b34-dca9715a595a} - F:\AutoRun.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {6a223e20-1520-11e6-9b34-dca9715a595a} - F:\AutoRun.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {9a160f37-52e5-11e9-b330-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {9e9ee63b-7647-11e9-8c7e-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {a36469d4-b8f3-11e7-802b-dca9715a595a} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {bd96e6dd-db58-11e6-bd7a-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {d6ecf216-cf97-11e8-a750-dca9715a595a} - F:\HiSuiteDownLoader.exe
Task: {471A6600-EEAA-4944-BDC3-F531FCD711A6} - System32\Tasks\{EDFB66FB-745C-4E73-AFC9-72B8DD712300} => C:\Users\OM\Counter Strike Global Offensive - Launcher Setup.exe [51513088 2019-04-12] () [Brak podpisu cyfrowego]
Task: {7EBA6690-F240-498A-9123-5368C2A24E14} - System32\Tasks\{1C41C78B-3AAF-4A80-B4A4-27BF318EA34E} => C:\Users\OM\Counter Strike Global Offensive - Launcher Setup.exe [51513088 2019-04-12] () [Brak podpisu cyfrowego]
Task: {8286C4A8-7287-4A33-B898-8C65ED2BB8EE} - System32\Tasks\{664CB88F-C957-448F-832C-AC05BDCD455B} => C:\Users\OM\Counter Strike Global Offensive - Launcher Setup.exe [51513088 2019-04-12] () [Brak podpisu cyfrowego]
Task: {D288EFFB-9B3E-42AD-99B5-ECBBE0BC5D23} - System32\Tasks\Opera scheduled Autoupdate 1456083253 => D:\Opera\launcher.exe [1520152 2019-09-03] (Opera Software AS -> Opera Software)
Tcpip\..\Interfaces\{0778A56B-3223-4AC1-BE1E-CA9EF2676382}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7A162578-3D2D-4C21-B37B-92A690E14A81}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{93A28ACE-BECA-4EE8-BAF6-CE01A07CABC8}: [NameServer] 194.204.152.34 194.204.159.1
Tcpip\..\Interfaces\{BC21258A-A5F8-436D-B107-BAACFAFC4546}: [DhcpNameServer] 208.67.222.222 208.67.220.220
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1923143551-3100905641-2904479667-1000 -> {76DEFAE6-09B2-40B2-8F8A-5A6A5D5CE4EB} URL = hxxps://search.yahoo.com/search/?toggle=1&cop=mss&ei=UTF-8&fr=vmn&type=auslog_yaapp1_ch&p={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
CHR HomePage: Default -> amazon.com/websearch/?ie=UTF8__PARAM__
CHR RestoreOnStartup: Default -> "hxxps://search.yahoo.com/?fr=vmn&type=auslog_yaapp1_hp"
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?fr=vmn&type=auslog_yaapp1_hp"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search/?toggle=1&cop=mss&ei=UTF-8&fr=vmn&type=auslog_yaapp1_ch&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: (HKLM) OperaStable - D:\Opera\Launcher.exe
S3 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
S3 ardrv; \??\C:\Users\OM\AppData\Local\Temp\ardrv.sys [X] <==== UWAGA
S3 cpuz138; \??\C:\Users\OM\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== UWAGA
S3 dbx; system32\DRIVERS\dbx.sys [X]
2019-09-22 18:29 - 2018-02-12 07:58 - 000003856 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1456083253
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
AlternateDataStreams: C:\Users\Public\AppData:CSM [230]
IE trusted site: HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\amazon.com -> hxxps://amazon.com
C:\Users\OM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\Narzędzia WPS Office\Sprawdź aktualizacje dla WPS Office.lnk
C:\Users\OM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast Secure Browser.lnk
RemoveProxy:

*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
"HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NolowDiskSpaceChecks" => pomyślnie usunięto
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => pomyślnie usunięto
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f2acfa6-ba65-11e7-864b-dca9715a595a} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{1f2acfa6-ba65-11e7-864b-dca9715a595a} => nie znaleziono
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24f5e2ea-9067-11e9-a7fd-dca9715a595a} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{24f5e2ea-9067-11e9-a7fd-dca9715a595a} => nie znaleziono
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2db2edb0-0cdf-11e9-b76a-dca9715a595a} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{2db2edb0-0cdf-11e9-b76a-dca9715a595a} => nie znaleziono
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ec04d9c-ee1e-11e5-b1d3-dca9715a595a} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{2ec04d9c-ee1e-11e5-b1d3-dca9715a595a} => nie znaleziono
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a223521-1520-11e6-9b34-dca9715a595a} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{6a223521-1520-11e6-9b34-dca9715a595a} => nie znaleziono
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a223e20-1520-11e6-9b34-dca9715a595a} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{6a223e20-1520-11e6-9b34-dca9715a595a} => nie znaleziono
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a160f37-52e5-11e9-b330-dca9715a595a} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{9a160f37-52e5-11e9-b330-dca9715a595a} => nie znaleziono
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e9ee63b-7647-11e9-8c7e-dca9715a595a} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{9e9ee63b-7647-11e9-8c7e-dca9715a595a} => nie znaleziono
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a36469d4-b8f3-11e7-802b-dca9715a595a} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{a36469d4-b8f3-11e7-802b-dca9715a595a} => nie znaleziono
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd96e6dd-db58-11e6-bd7a-dca9715a595a} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{bd96e6dd-db58-11e6-bd7a-dca9715a595a} => nie znaleziono
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d6ecf216-cf97-11e8-a750-dca9715a595a} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{d6ecf216-cf97-11e8-a750-dca9715a595a} => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{471A6600-EEAA-4944-BDC3-F531FCD711A6}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{471A6600-EEAA-4944-BDC3-F531FCD711A6}" => pomyślnie usunięto
C:\Windows\System32\Tasks\{EDFB66FB-745C-4E73-AFC9-72B8DD712300} => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EDFB66FB-745C-4E73-AFC9-72B8DD712300}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EBA6690-F240-498A-9123-5368C2A24E14}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EBA6690-F240-498A-9123-5368C2A24E14}" => pomyślnie usunięto
C:\Windows\System32\Tasks\{1C41C78B-3AAF-4A80-B4A4-27BF318EA34E} => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1C41C78B-3AAF-4A80-B4A4-27BF318EA34E}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8286C4A8-7287-4A33-B898-8C65ED2BB8EE}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8286C4A8-7287-4A33-B898-8C65ED2BB8EE}" => pomyślnie usunięto
C:\Windows\System32\Tasks\{664CB88F-C957-448F-832C-AC05BDCD455B} => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{664CB88F-C957-448F-832C-AC05BDCD455B}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D288EFFB-9B3E-42AD-99B5-ECBBE0BC5D23}" => nie znaleziono
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1456083253 => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1456083253" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0778A56B-3223-4AC1-BE1E-CA9EF2676382}\\NameServer" => nie znaleziono
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7A162578-3D2D-4C21-B37B-92A690E14A81}\\DhcpNameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{93A28ACE-BECA-4EE8-BAF6-CE01A07CABC8}\\NameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BC21258A-A5F8-436D-B107-BAACFAFC4546}\\DhcpNameServer" => pomyślnie usunięto
"HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => pomyślnie usunięto
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{76DEFAE6-09B2-40B2-8F8A-5A6A5D5CE4EB} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{76DEFAE6-09B2-40B2-8F8A-5A6A5D5CE4EB} => nie znaleziono
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => pomyślnie usunięto
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => pomyślnie usunięto
"Chrome HomePage" => pomyślnie usunięto
"Chrome RestoreOnStartup" => pomyślnie usunięto
"Chrome StartupUrls" => pomyślnie usunięto
"Chrome DefaultSearchURL" => pomyślnie usunięto
"Chrome DefaultSearchKeyword" => pomyślnie usunięto
"Chrome DefaultSuggestURL" => pomyślnie usunięto
HKLM\SOFTWARE\Google\Chrome\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade => nie znaleziono
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade => nie znaleziono
HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command\\Default => Wartość pomyślnie przywrócono
HKLM\System\CurrentControlSet\Services\HPSupportSolutionsFrameworkService => pomyślnie usunięto
HPSupportSolutionsFrameworkService => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\ardrv => pomyślnie usunięto
ardrv => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\cpuz138 => pomyślnie usunięto
cpuz138 => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\dbx => pomyślnie usunięto
dbx => serwis pomyślnie usunięto
"C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1456083253" => nie znaleziono
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => nie znaleziono
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => nie znaleziono
C:\Users\Public\AppData => ":CSM" ADS pomyślnie usunięto
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\amazon.com => pomyślnie usunięto
C:\Users\OM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\Narzędzia WPS Office\Sprawdź aktualizacje dla WPS Office.lnk => pomyślnie przeniesiono
C:\Users\OM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast Secure Browser.lnk => pomyślnie przeniesiono

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => pomyślnie usunięto
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto
"HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto
"HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto


========= Koniec  RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10665198 B
Java, Flash, Steam htmlcache => 28388945 B
Windows/system/drivers => 229283883 B
Edge => 0 B
Chrome => 15706571 B
Firefox => 0 B
Opera => 74225435 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 60500103 B
systemprofile32 => 66356 B
LocalService => 66228 B
NetworkService => 72759 B
OM => 23958309 B

RecycleBin => 5760707 B
EmptyTemp: => 436 MB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec  Fixlog 11:16:21 ====