Rezultat naprawy Farbar Recovery Scan Tool (x86) Wersja: 26-12-2019 Uruchomiony przez szymon (27-12-2019 22:54:39) Run:1 Uruchomiony z C:\Users\szymon\Desktop\FRST\frst Załadowane profile: szymon (Dostępne profile: szymon) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: EmptyTemp: HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: F - F:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: G - G:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: H - H:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {3168420c-9e89-11e2-94fe-d710a21dcda3} - G:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {69300500-c0ce-11de-afea-acbb43663a4d} - G:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {69300511-c0ce-11de-afea-acbb43663a4d} - G:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {695d2417-22a7-11de-b8e6-001377988fb5} - F:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {708d157c-aecf-11e3-8d26-d8e90d368216} - F:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {754f9d29-f955-11e2-bb68-906108090fac} - F:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {7e8d2079-f9fd-11e2-908f-a4a989e715d3} - F:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {7e8d2089-f9fd-11e2-908f-9df2729782e7} - F:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {8baf0962-22c4-11de-9eb4-001377988fb5} - G:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {8baf0964-22c4-11de-9eb4-001377988fb5} - F:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {d8e650d3-58c6-11e6-9adf-001377988fb5} - F:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {d8e650d7-58c6-11e6-9adf-00a0c6000000} - F:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {e470a6c5-e855-11e5-8caa-001377988fb5} - F:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {f05c6ab7-22a8-11de-8ca6-001377988fb5} - F:\AutoRun.exe Task: {056F2320-8DE4-486F-B0CF-FCD7EC708DD9} - System32\Tasks\{E8A5ECBE-9722-4C07-AA36-9FA670860CAC} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\igfxcpl.cpl -c Intel(R) GMA Driver for Mobile Task: {5EE56422-3F69-4CBB-AA32-A2AD788073F3} - System32\Tasks\{4B0605B9-C818-444E-8274-07BD3DEA882F} => C:\Windows\system32\pcalua.exe -a "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\DPInst.exe" -d "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN" Task: {75E9A7A4-45E1-40EA-BE23-CC53F9E439F3} - System32\Tasks\{0DF26784-6926-4AC8-AEC0-FA182434B8B6} => C:\Windows\system32\pcalua.exe -a "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\OPCOMUSBUninstall.exe" -d "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN" Task: {C29F7C19-2589-45F7-A31E-921530A20AF8} - System32\Tasks\{D5E89D88-FA2D-41C2-98B2-B168850DADAF} => C:\Windows\system32\pcalua.exe -a "C:\Users\szymon\Desktop\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\Driver\OPCOMUSBUninstall.exe" -d "C:\Users\szymon\Desktop\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\Driver" Tcpip\..\Interfaces\{43553BD0-DE8F-4FB3-B364-7EA653E6E149}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{68B883E5-2578-4F16-BAFC-DFDFE8FDD021}: [DhcpNameServer] 192.168.0.1 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-3182861355-789584673-1566108675-1003\Software\Microsoft\Internet Explorer\Main,Start Page = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Brak pliku FF Plugin HKU\S-1-5-21-3182861355-789584673-1566108675-1003: @tools.google.com/Google Update;version=3 -> C:\Users\szymon\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [Brak pliku] ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll -> Brak pliku ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files\AVG\AVG PC TuneUp\DseShExt-x86.dll -> Brak pliku ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll -> Brak pliku AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4 [276] AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112] AlternateDataStreams: C:\Users\Public\DRM:احتضان [98] CMD: dir /a "C:\Users\szymon\AppData\Roaming\CFBEDSDX" CMD: dir /a "C:\Users\szymon\AppData\Roaming\MXPUWBDF" CMD: dir /a "C:\Users\szymon\AppData\Roaming\WGPYQE" ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3168420c-9e89-11e2-94fe-d710a21dcda3} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69300500-c0ce-11de-afea-acbb43663a4d} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69300511-c0ce-11de-afea-acbb43663a4d} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{695d2417-22a7-11de-b8e6-001377988fb5} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{708d157c-aecf-11e3-8d26-d8e90d368216} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{754f9d29-f955-11e2-bb68-906108090fac} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e8d2079-f9fd-11e2-908f-a4a989e715d3} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e8d2089-f9fd-11e2-908f-9df2729782e7} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8baf0962-22c4-11de-9eb4-001377988fb5} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8baf0964-22c4-11de-9eb4-001377988fb5} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d8e650d3-58c6-11e6-9adf-001377988fb5} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d8e650d7-58c6-11e6-9adf-00a0c6000000} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e470a6c5-e855-11e5-8caa-001377988fb5} => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f05c6ab7-22a8-11de-8ca6-001377988fb5} => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{056F2320-8DE4-486F-B0CF-FCD7EC708DD9}" => pomyślnie usunięto HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{056F2320-8DE4-486F-B0CF-FCD7EC708DD9} => pomyślnie usunięto C:\Windows\System32\Tasks\{E8A5ECBE-9722-4C07-AA36-9FA670860CAC} => pomyślnie przeniesiono HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E8A5ECBE-9722-4C07-AA36-9FA670860CAC} => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EE56422-3F69-4CBB-AA32-A2AD788073F3}" => pomyślnie usunięto HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EE56422-3F69-4CBB-AA32-A2AD788073F3} => pomyślnie usunięto C:\Windows\System32\Tasks\{4B0605B9-C818-444E-8274-07BD3DEA882F} => pomyślnie przeniesiono HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4B0605B9-C818-444E-8274-07BD3DEA882F} => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75E9A7A4-45E1-40EA-BE23-CC53F9E439F3}" => pomyślnie usunięto HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75E9A7A4-45E1-40EA-BE23-CC53F9E439F3} => pomyślnie usunięto C:\Windows\System32\Tasks\{0DF26784-6926-4AC8-AEC0-FA182434B8B6} => pomyślnie przeniesiono HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0DF26784-6926-4AC8-AEC0-FA182434B8B6} => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C29F7C19-2589-45F7-A31E-921530A20AF8}" => pomyślnie usunięto HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C29F7C19-2589-45F7-A31E-921530A20AF8} => pomyślnie usunięto C:\Windows\System32\Tasks\{D5E89D88-FA2D-41C2-98B2-B168850DADAF} => pomyślnie przeniesiono HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D5E89D88-FA2D-41C2-98B2-B168850DADAF} => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{43553BD0-DE8F-4FB3-B364-7EA653E6E149}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{68B883E5-2578-4F16-BAFC-DFDFE8FDD021}\\DhcpNameServer" => pomyślnie usunięto HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono HKU\S-1-5-21-3182861355-789584673-1566108675-1003\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono "HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto "HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto "HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto HKLM\Software\Classes\PROTOCOLS\Handler\linkscanner => pomyślnie usunięto HKU\S-1-5-21-3182861355-789584673-1566108675-1003\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => pomyślnie usunięto "C:\Users\szymon\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll" => nie znaleziono HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AVG Shredder Shell Extension => pomyślnie usunięto HKLM\Software\Classes\CLSID\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => pomyślnie usunięto HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\AVG Disk Space Explorer Shell Extension => pomyślnie usunięto HKLM\Software\Classes\CLSID\{4838CD50-7E5D-4811-9B17-C47A85539F28} => pomyślnie usunięto HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\AVG Shredder Shell Extension => pomyślnie usunięto C:\ProgramData\TEMP => ":0B4227B4" ADS pomyślnie usunięto C:\ProgramData\TEMP => ":D1B5B4F1" ADS pomyślnie usunięto C:\Users\Public\DRM => ":احتضان" ADS pomyślnie usunięto ========= dir /a "C:\Users\szymon\AppData\Roaming\CFBEDSDX" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6AAF-353A Katalog: C:\Users\szymon\AppData\Roaming 2014-09-01 09:18 1˙248 CFBEDSDX 1 plik(˘w) 1˙248 bajt˘w 0 katalog(˘w) 36˙672˙004˙096 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a "C:\Users\szymon\AppData\Roaming\MXPUWBDF" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6AAF-353A Katalog: C:\Users\szymon\AppData\Roaming 2014-09-01 09:18 1˙248 MXPUWBDF 1 plik(˘w) 1˙248 bajt˘w 0 katalog(˘w) 36˙671˙479˙808 bajt˘w wolnych ========= Koniec CMD: ========= ========= dir /a "C:\Users\szymon\AppData\Roaming\WGPYQE" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6AAF-353A Katalog: C:\Users\szymon\AppData\Roaming 2014-09-01 09:18 2˙086 WGPYQE 1 plik(˘w) 2˙086 bajt˘w 0 katalog(˘w) 36˙671˙479˙808 bajt˘w wolnych ========= Koniec CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 91169166 B Java, Flash, Steam htmlcache => 291 B Windows/system/drivers => 118108991 B Edge => 0 B Chrome => 638997228 B Firefox => 240465 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 692 B LocalService => 692 B NetworkService => 4342 B szymon => 279230482 B RecycleBin => 1291419039 B EmptyTemp: => 2.3 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 22:56:55 ====