Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 05-01-2021
Uruchomiony przez 1 (05-01-2021 12:53:52) Run:2
Uruchomiony z E:\
Załadowane profile: 1
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8160856 2020-06-28] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\MountPoints2: {41f44b65-aedb-11ea-ac96-d05099405892} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\MountPoints2: {6b009157-cb57-11ea-ace0-806e6f6e6963} - "D:\autorun.exe"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\MountPoints2: {d231af91-bbf7-11ea-acb6-d05099405892} - "F:\setup.exe"
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {151C7802-CE13-4D34-A3DA-81BBE8F6AE0A} - System32\Tasks\SmartGameBooster SkipUAC (1) => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\5.0.1\SgbMain.exe [5653560 2020-12-23] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
Task: {ACA3C76D-A2F2-4548-8997-FD58C0E3E42E} - System32\Tasks\Opera scheduled Autoupdate 1595543150 => C:\Users\2\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software)
Task: {F1E7742D-579A-4F45-A753-925FAB1FF387} - System32\Tasks\SmartGameBooster Update => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\5.0.1\SgbUpdater.exe [2812472 2020-11-25] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
Tcpip\..\Interfaces\{871dd103-63e1-418e-90d2-d1952ec86ce6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cf0088a2-9fe8-4978-87c8-6661102eab9c}: [DhcpNameServer] 192.168.43.1
FF Plugin HKU\S-1-5-21-4167625086-3165384033-634236210-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Brak pliku]
CHR Extension: (Social Blade) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2020-06-12] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== UWAGA
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-06-28] (LAVASOFT SOFTWARE CANADA INC -> )
U4 AppMgmt; Brak ImagePath
U4 CscService; Brak ImagePath
S3 MpKslf4982a0e; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{225844DC-696E-4859-942A-456D37C26256}\MpKslDrv.sys [X]
U4 napagent; Brak ImagePath
U4 PeerDistSvc; Brak ImagePath
2021-01-05 10:34 - 2021-01-05 10:34 - 000000000 ____D C:\Users\1\AppData\LocalLow\nb98wqnehe8bw89hb
2021-01-05 10:33 - 2021-01-05 10:33 - 000001111 _____ C:\Users\1\_readme.txt
2021-01-05 10:32 - 2021-01-05 10:32 - 000000014 _____ C:\ProgramData\kaosdma.txt
2021-01-05 10:32 - 2021-01-05 10:32 - 000000000 ____D C:\Users\1\AppData\LocalLow\pF2qC1gG7yH8hI1o
2021-01-05 10:32 - 2021-01-05 10:32 - 000000000 ____D C:\Users\1\AppData\Local\Cesar
2021-01-05 10:31 - 2021-01-05 10:31 - 000000558 _____ C:\Users\1\AppData\Local\bowsakkdestx.txt
2021-01-05 10:31 - 2021-01-05 10:31 - 000000000 ____D C:\Users\Public\Thunder Network
2021-01-05 10:31 - 2021-01-05 10:31 - 000000000 ____D C:\ProgramData\XCWI0TKOQOTLXLE7I0Q40YTKS
2021-01-05 10:31 - 2021-01-05 10:31 - 000000000 ____D C:\ProgramData\Thunder Network
2021-01-05 10:31 - 2021-01-05 10:31 - 000000000 ____D C:\ProgramData\q5w1v6u1y6w1v6u1y6
2021-01-05 10:31 - 2021-01-05 10:31 - 000000000 ____D C:\ProgramData\GI2WVNW5VJ6WT1V6T3E56Y7PN
2021-01-05 10:09 - 2021-01-05 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Game Booster
2021-01-05 10:08 - 2021-01-05 10:08 - 058041520 _____ (Smart Game Booster ) C:\Users\1\Downloads\smart_game_booster_setup.exe
2020-12-30 16:58 - 2020-12-30 16:58 - 000000266 __RSH C:\ProgramData\ntuser.pol
CMD: type "C:\ProgramData\kaosdma.txt"
CMD: type "C:\Users\1\_readme.txt"
CloseProcesses:
CreateRestorePoint:
EmptyTemp:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
AlternateDataStreams: C:\Users\2\Desktop\1.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\2\Desktop\1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\2\Desktop\2.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\2\Desktop\2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\2\Desktop\kwalifik.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\2\Desktop\kwalifik.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\2\Desktop\skan1.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\2\Desktop\skan1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\2\Desktop\skan2.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\2\Desktop\skan2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\2\Desktop\skan3.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\2\Desktop\skan3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\2\Desktop\swiadecrtwo 2.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\2\Desktop\swiadecrtwo 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\2\Desktop\swiadectwo 4.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\2\Desktop\swiadectwo 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\2\Desktop\świadectwo 1.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\2\Desktop\świadectwo 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\2\Desktop\świadectwo 4.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\2\Desktop\świadectwo 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171101&iDate=2020-06-28 11:20:17&bName=
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [{0B03100D-B3FF-4EA1-826B-9A4E6F152987}] => (Allow) LPort=5357
FirewallRules: [{4D437622-DEBE-40B1-96E7-0D24F41993B9}] => (Allow) C:\Users\1\AppData\Local\Temp\download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{F20B3CD9-211E-4555-B3EC-F2D5660A3DA9}] => (Allow) C:\Users\1\AppData\Local\Temp\download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
*****************

Procesy zostały pomyślnie zamknięte.
Błąd: (0) Nie udało się utworzyć punktu przywracania.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => nie znaleziono
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => pomyślnie usunięto
"HKU\S-1-5-21-4167625086-3165384033-634236210-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion" => nie znaleziono
"HKU\S-1-5-21-4167625086-3165384033-634236210-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => nie znaleziono
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{41f44b65-aedb-11ea-ac96-d05099405892} => nie znaleziono
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b009157-cb57-11ea-ace0-806e6f6e6963} => pomyślnie usunięto
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d231af91-bbf7-11ea-acb6-d05099405892} => nie znaleziono
"C:\WINDOWS\system32\GroupPolicy\Machine" => nie znaleziono
C:\ProgramData\NTUSER.pol => pomyślnie przeniesiono
HKLM\SOFTWARE\Policies\Mozilla => nie znaleziono
HKLM\SOFTWARE\Policies\Google => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{151C7802-CE13-4D34-A3DA-81BBE8F6AE0A}" => nie znaleziono
"C:\WINDOWS\System32\Tasks\SmartGameBooster SkipUAC (1)" => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartGameBooster SkipUAC (1)" => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACA3C76D-A2F2-4548-8997-FD58C0E3E42E}" => nie znaleziono
"C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1595543150" => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1595543150" => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1E7742D-579A-4F45-A753-925FAB1FF387}" => nie znaleziono
"C:\WINDOWS\System32\Tasks\SmartGameBooster Update" => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartGameBooster Update" => nie znaleziono
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{871dd103-63e1-418e-90d2-d1952ec86ce6}\\DhcpNameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{cf0088a2-9fe8-4978-87c8-6661102eab9c}\\DhcpNameServer" => nie znaleziono
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\Software\MozillaPlugins\ubisoft.com/uplaypc => nie znaleziono
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll" => nie znaleziono
CHR Extension: (Social Blade) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2020-06-12] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== UWAGA => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia.
WCAssistantService => serwis nie znaleziono.
AppMgmt => serwis nie znaleziono.
CscService => serwis nie znaleziono.
MpKslf4982a0e => serwis nie znaleziono.
napagent => serwis nie znaleziono.
PeerDistSvc => serwis nie znaleziono.
"C:\Users\1\AppData\LocalLow\nb98wqnehe8bw89hb" => nie znaleziono
"C:\Users\1\_readme.txt" => nie znaleziono
"C:\ProgramData\kaosdma.txt" => nie znaleziono
"C:\Users\1\AppData\LocalLow\pF2qC1gG7yH8hI1o" => nie znaleziono
"C:\Users\1\AppData\Local\Cesar" => nie znaleziono
"C:\Users\1\AppData\Local\bowsakkdestx.txt" => nie znaleziono
"C:\Users\Public\Thunder Network" => nie znaleziono
"C:\ProgramData\XCWI0TKOQOTLXLE7I0Q40YTKS" => nie znaleziono
"C:\ProgramData\Thunder Network" => nie znaleziono
"C:\ProgramData\q5w1v6u1y6w1v6u1y6" => nie znaleziono
"C:\ProgramData\GI2WVNW5VJ6WT1V6T3E56Y7PN" => nie znaleziono
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Game Booster" => nie znaleziono
"C:\Users\1\Downloads\smart_game_booster_setup.exe" => nie znaleziono
"C:\ProgramData\ntuser.pol" => nie znaleziono

========= type "C:\ProgramData\kaosdma.txt" =========

Nie można odnaleźć określonego pliku.

========= Koniec CMD: =========

========= type "C:\Users\1\_readme.txt" =========

Nie można odnaleźć określonego pliku.

========= Koniec CMD: =========

Procesy zostały pomyślnie zamknięte.
Błąd: (0) Nie udało się utworzyć punktu przywracania.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => podklucz z nieprawidłowymi znakami -> pomyślnie usunięto
C:\Users\2\Desktop\1.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS niepowodzenie przy usuwaniu.
C:\Users\2\Desktop\1.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS niepowodzenie przy usuwaniu.
"C:\Users\2\Desktop\2.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS nie znaleziono.
"C:\Users\2\Desktop\2.jpeg" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS nie znaleziono.
C:\Users\2\Desktop\kwalifik.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS niepowodzenie przy usuwaniu.
C:\Users\2\Desktop\kwalifik.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS niepowodzenie przy usuwaniu.
C:\Users\2\Desktop\skan1.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS niepowodzenie przy usuwaniu.
C:\Users\2\Desktop\skan1.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS niepowodzenie przy usuwaniu.
C:\Users\2\Desktop\skan2.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS niepowodzenie przy usuwaniu.
C:\Users\2\Desktop\skan2.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS niepowodzenie przy usuwaniu.
C:\Users\2\Desktop\skan3.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS niepowodzenie przy usuwaniu.
C:\Users\2\Desktop\skan3.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS niepowodzenie przy usuwaniu.
C:\Users\2\Desktop\swiadecrtwo 2.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS niepowodzenie przy usuwaniu.
C:\Users\2\Desktop\swiadecrtwo 2.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS niepowodzenie przy usuwaniu.
"C:\Users\2\Desktop\swiadectwo 4.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS nie znaleziono.
"C:\Users\2\Desktop\swiadectwo 4.jpeg" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS nie znaleziono.
C:\Users\2\Desktop\świadectwo 1.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS niepowodzenie przy usuwaniu.
C:\Users\2\Desktop\świadectwo 1.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS niepowodzenie przy usuwaniu.
"C:\Users\2\Desktop\świadectwo 4.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS nie znaleziono.
"C:\Users\2\Desktop\świadectwo 4.jpeg" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS nie znaleziono.
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => nie znaleziono
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => nie znaleziono
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org => nie znaleziono
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => nie znaleziono
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => nie znaleziono
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B03100D-B3FF-4EA1-826B-9A4E6F152987}" => nie znaleziono
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4D437622-DEBE-40B1-96E7-0D24F41993B9}" => nie znaleziono
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F20B3CD9-211E-4555-B3EC-F2D5660A3DA9}" => nie znaleziono

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5655638 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 6284 B
Edge => 0 B
Chrome => 9222602 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
48534 => 0 B
1 => 251063 B
2 => 251063 B

RecycleBin => 0 B
EmptyTemp: => 24.9 MB danych tymczasowych Usunięto.

================================

System wymagał restartu.

==== Koniec Fixlog 12:54:22 ====