Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 02-10-2019 Uruchomiony przez rados (06-10-2019 10:07:53) Run:1 Uruchomiony z C:\Users\rados\Desktop Załadowane profile: rados (Dostępne profile: rados) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: EmptyTemp: HKU\S-1-5-21-1856414022-4287965406-1251756097-1001\...\MountPoints2: {e1db7cba-bfc0-11e9-9fd3-208984902e76} - "F:\HiSuiteDownLoader.exe" FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA Task: {7A6DA388-7717-4CC1-AF79-47112360EEB4} - System32\Tasks\Opera scheduled Autoupdate 1565504464 => C:\Users\rados\AppData\Local\Programs\Opera\launcher.exe [1520152 2019-09-18] (Opera Software AS -> Opera Software) Tcpip\..\Interfaces\{f80c84c9-08e6-448d-948e-8ac5705a5c43}: [DhcpNameServer] 62.21.99.94 62.21.99.95 HKU\S-1-5-21-1856414022-4287965406-1251756097-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190 SearchScopes: HKU\S-1-5-21-1856414022-4287965406-1251756097-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms} FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Brak pliku] FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Brak pliku] CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=190 CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.gazeta.pl/0,0.html?p=190" CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X] 2019-10-05 10:01 - 2019-08-11 08:21 - 000003556 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1565504464 ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Brak pliku ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Brak pliku ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-1856414022-4287965406-1251756097-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1856414022-4287965406-1251756097-1001\...\webcompanion.com -> hxxp://webcompanion.com FirewallRules: [{6347DC25-9720-4FA4-A403-78E8321CBC58}] => (Block) %ProgramFiles%\Adobe\Adobe Lightroom\lightroom.exe Brak pliku FirewallRules: [{3C162941-EDA8-437D-8498-09C1A76B5065}] => (Block) %ProgramFiles%\Adobe\Adobe Lightroom\lightroom.exe Brak pliku C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk C:\Users\rados\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Driver Booster.lnk ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. HKU\S-1-5-21-1856414022-4287965406-1251756097-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1db7cba-bfc0-11e9-9fd3-208984902e76} => pomyślnie usunięto HKLM\Software\Classes\CLSID\{e1db7cba-bfc0-11e9-9fd3-208984902e76} => nie znaleziono HKLM\SOFTWARE\Policies\Mozilla => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7A6DA388-7717-4CC1-AF79-47112360EEB4}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A6DA388-7717-4CC1-AF79-47112360EEB4}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1565504464 => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1565504464" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f80c84c9-08e6-448d-948e-8ac5705a5c43}\\DhcpNameServer" => pomyślnie usunięto HKU\S-1-5-21-1856414022-4287965406-1251756097-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-1856414022-4287965406-1251756097-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B} => pomyślnie usunięto HKLM\Software\Classes\CLSID\{993F5746-4C15-42BC-99C1-064A1764271B} => nie znaleziono HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => pomyślnie usunięto HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect => pomyślnie usunięto "Chrome HomePage" => pomyślnie usunięto "Chrome StartupUrls" => pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => pomyślnie usunięto HKLM\System\CurrentControlSet\Services\cpuz143 => pomyślnie usunięto cpuz143 => serwis pomyślnie usunięto "C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1565504464" => nie znaleziono HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Advanced SystemCare => pomyślnie usunięto HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} => nie znaleziono HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Advanced SystemCare => pomyślnie usunięto HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} => nie znaleziono HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Advanced SystemCare => pomyślnie usunięto HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} => nie znaleziono HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => pomyślnie usunięto HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => nie znaleziono HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => pomyślnie usunięto HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => pomyślnie usunięto HKU\S-1-5-21-1856414022-4287965406-1251756097-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => pomyślnie usunięto HKU\S-1-5-21-1856414022-4287965406-1251756097-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6347DC25-9720-4FA4-A403-78E8321CBC58}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C162941-EDA8-437D-8498-09C1A76B5065}" => pomyślnie usunięto C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk => pomyślnie przeniesiono C:\Users\rados\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Driver Booster.lnk => pomyślnie przeniesiono =========== EmptyTemp: ========== BITS transfer queue => 8937472 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11709804 B Java, Flash, Steam htmlcache => 99773400 B Windows/system/drivers => 53150 B Edge => 27852 B Chrome => 311576 B Firefox => 0 B Opera => 392874295 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 3810 B LocalService => 0 B NetworkService => 0 B NetworkService => 0 B rados => 272034 B RecycleBin => 0 B EmptyTemp: => 490.2 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 10:09:33 ====