Rezultat naprawy Farbar Recovery Scan Tool (x86) Wersja: 21-10-2017 Uruchomiony przez OK (23-10-2017 18:29:17) Run:1 Uruchomiony z E:\Pobrane2 Załadowane profile: OK (Dostępne profile: OK) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> "C:\Users\OK\AppData\Local\Google\Update\GoogleUpdate.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\OK\AppData\Local\Google\Update\1.3.33.5\psuser.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\OK\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileCoAuthLib.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\OK\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\OK\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\OK\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\OK\AppData\Local\Google\Update\1.3.30.3\psuser.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\OK\AppData\Local\Google\Update\1.3.31.5\psuser.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\OK\AppData\Local\Google\Update\1.3.29.5\psuser.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\OK\AppData\Local\Google\Update\1.3.33.3\psuser.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\OK\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\OK\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\OK\AppData\Local\Google\Update\1.3.32.8\psuser.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\OK\AppData\Local\Google\Update\1.3.29.1\psuser.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\OK\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\OK\AppData\Local\Google\Update\1.3.33.5\psuser.dll => Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku Task: {FABD849F-0BAD-4CB9-8D95-3B31D66A1B9C} - System32\Tasks\Chromium liror => C:\Windows\system32\wscript.exe "C:\ProgramData\{4348862B-C90A-0CED-4FCC-92AFD58E1961}\dife.txt" "68747470733a2f2f6b6174756e61712e636f6d" "433a5c50726f6772616d446174615c7b34333438383632422d433930412d304345442d344643432d3932414644353845313936317d5c6d6f6c6f6665" "433a5c50726f6772616d446174615c7b34333438383632422d433930412d304345442d (dane wartości zawierają 84 znaków więcej). <==== UWAGA Task: C:\Windows\Tasks\Chromium liror.job => Wscript.exe C:\ProgramData\{4348862B-C90A-0CED-4FCC-92AFD58E1961}\dife.txt <==== UWAGA Task: C:\Windows\Tasks\{02B889B6-6CA1-291D-E186-0D112ADCACA6}.job => C:\Users\OK\AppData\Local\02B889~1\sync.exe <==== UWAGA Task: {05B3FF01-392D-43AA-8D2A-F27AA6720149} - System32\Tasks\{02B889B6-6CA1-291D-E186-0D112ADCACA6} => C:\Users\OK\AppData\Local\02b889b66ca1291de1860d112adcaca6\sync.exe [2013-05-04] () C:\ProgramData\{4348862B-C90A-0CED-4FCC-92AFD58E1961} C:\Users\OK\AppData\Local\02b889b66ca1291de1860d112adcaca6 C:\Users\OK\AppData\Local\02B889~1 HKU\S-1-5-21-469927386-569436938-3138798766-1001\...\Run: [Chromium] => c:\users\ok\appdata\local\chromium\application\chrome.exe [1419776 2017-08-04] (The Chromium Authors) HKU\S-1-5-21-469927386-569436938-3138798766-1001\...\Run: [GoogleChromeAutoLaunch_FD18F6954B7F97E501B839AC3215DD2B] => C:\Users\OK\AppData\Local\chromium\Application\chrome.exe [1419776 2017-08-04] (The Chromium Authors) U0 msahci; system32\drivers\msahci.sys [X] C:\Users\OK\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPPrinterControl_v10z8vjag6ke6\AD2F1837.HPPrinterControl.lnk DeleteKey: HKCU\Software\Mozilla DeleteKey: HKCU\Software\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Mozilla DeleteKey: HKLM\SOFTWARE\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla DeleteKey: HKLM\SOFTWARE\Wow6432Node\mozilla.org DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins C:\Users\OK\AppData\Local\Mozilla C:\Users\OK\AppData\Roaming\Mozilla C:\Users\OK\AppData\Roaming\Profiles CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a "C:\Program Files\Common Files\System" CMD: dir /a "C:\Program Files (x86)\Common Files\System" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\OK\AppData\Local CMD: dir /a C:\Users\OK\AppData\LocalLow CMD: dir /a C:\Users\OK\AppData\Roaming Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Error: (0) Nie udało się utworzyć punktu przywracania. HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750} => klucz pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F} => klucz pomyślnie usunięto HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => klucz pomyślnie usunięto HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FABD849F-0BAD-4CB9-8D95-3B31D66A1B9C} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FABD849F-0BAD-4CB9-8D95-3B31D66A1B9C} => klucz pomyślnie usunięto C:\Windows\System32\Tasks\Chromium liror => pomyślnie przeniesiono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Chromium liror => klucz pomyślnie usunięto C:\Windows\Tasks\Chromium liror.job => pomyślnie przeniesiono C:\Windows\Tasks\{02B889B6-6CA1-291D-E186-0D112ADCACA6}.job => pomyślnie przeniesiono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05B3FF01-392D-43AA-8D2A-F27AA6720149} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05B3FF01-392D-43AA-8D2A-F27AA6720149} => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{02B889B6-6CA1-291D-E186-0D112ADCACA6} => pomyślnie przeniesiono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{02B889B6-6CA1-291D-E186-0D112ADCACA6} => klucz pomyślnie usunięto C:\ProgramData\{4348862B-C90A-0CED-4FCC-92AFD58E1961} => pomyślnie przeniesiono C:\Users\OK\AppData\Local\02b889b66ca1291de1860d112adcaca6 => pomyślnie przeniesiono "C:\Users\OK\AppData\Local\02B889~1" => nie znaleziono. HKU\S-1-5-21-469927386-569436938-3138798766-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Chromium => Wartość pomyślnie usunięto HKU\S-1-5-21-469927386-569436938-3138798766-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_FD18F6954B7F97E501B839AC3215DD2B => Wartość pomyślnie usunięto HKLM\System\CurrentControlSet\Services\msahci => klucz pomyślnie usunięto msahci => serwis pomyślnie usunięto C:\Users\OK\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPPrinterControl_v10z8vjag6ke6\AD2F1837.HPPrinterControl.lnk => pomyślnie przeniesiono HKCU\Software\Mozilla => klucz nie znaleziono. HKCU\Software\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Mozilla => klucz nie znaleziono. HKLM\SOFTWARE\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Mozilla => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\mozilla.org => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\MozillaPlugins => klucz nie znaleziono. "C:\Users\OK\AppData\Local\Mozilla" => nie znaleziono. "C:\Users\OK\AppData\Roaming\Mozilla" => nie znaleziono. "C:\Users\OK\AppData\Roaming\Profiles" => nie znaleziono. ========= dir /a "C:\Program Files" ========= Volume in drive C is OS Volume Serial Number is D8C4-1BFD Directory of C:\Program Files 2017-07-15 20:27 . 2017-07-15 20:27 .. 2015-12-02 13:06 ASUS 2017-02-11 12:56 ByteFence 2017-10-22 06:06 Common Files 2013-08-22 10:16 174 desktop.ini 2015-12-02 13:03 DIFX 2016-04-19 00:11 Google 2015-12-02 12:58 InstallShield Installation Information 2015-12-02 12:56 Intel 2017-10-20 19:45 Internet Explorer 2017-10-22 06:04 Microsoft Office 2015-12-20 02:20 Microsoft Office 15 2017-01-28 11:11 Microsoft.NET 2014-05-12 21:16 MSBuild 2016-04-19 00:11 PhotoScape 2015-12-02 12:58 Realtek 2014-05-12 21:16 Reference Assemblies 2017-10-11 10:51 Skype 2013-08-22 09:24 Uninstall Information 2017-04-20 12:13 Windows Defender 2015-12-20 11:53 Windows Mail 2015-12-20 11:53 Windows Media Player 2015-12-20 11:49 Windows Multimedia Platform 2013-08-22 10:17 Windows NT 2015-12-20 11:53 Windows Photo Viewer 2015-12-20 11:49 Windows Portable Devices 2013-08-22 10:17 Windows Sidebar 2017-09-26 14:15 WindowsApps 2015-12-20 11:49 WindowsPowerShell 1 File(s) 174 bytes 29 Dir(s) 3˙598˙307˙328 bytes free ========= Koniec CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Volume in drive C is OS Volume Serial Number is D8C4-1BFD Directory of C:\ File Not Found ========= Koniec CMD: ========= ========= dir /a "C:\Program Files\Common Files\System" ========= Volume in drive C is OS Volume Serial Number is D8C4-1BFD Directory of C:\Program Files\Common Files\System 2015-12-20 11:53 . 2015-12-20 11:53 .. 2017-05-16 17:40 ado 2014-10-29 03:40 27˙648 DirectDB.dll 2013-08-22 09:28 en-US 2015-12-20 11:53 msadc 2016-04-17 09:27 Ole DB 2014-05-12 21:41 pl-PL 2014-10-29 03:09 760˙320 wab32.dll 2013-08-22 06:17 988˙160 wab32res.dll 3 File(s) 1˙776˙128 bytes 7 Dir(s) 3˙598˙307˙328 bytes free ========= Koniec CMD: ========= ========= dir /a "C:\Program Files (x86)\Common Files\System" ========= System nie moľe odnale«† okre˜lonej ˜cieľki. ========= Koniec CMD: ========= ========= dir /a C:\ProgramData ========= Volume in drive C is OS Volume Serial Number is D8C4-1BFD Directory of C:\ProgramData 2017-10-23 18:29 . 2017-10-23 18:29 .. 2013-08-22 09:23 Application Data [C:\ProgramData] 2015-12-02 13:12 AsTouchPanel 2014-05-12 13:27 ASUS WebStorage 2014-05-12 13:26 ASUSLogos 2013-08-22 09:23 Desktop [C:\Users\Public\Desktop] 2013-08-22 09:23 Documents [C:\Users\Public\Documents] 2015-12-02 12:56 Intel 2017-05-25 12:20 Microsoft 2015-12-20 23:19 Microsoft OneDrive 2017-04-05 08:03 Package Cache 2017-10-22 06:07 regid.1991-06.com.microsoft 2012-07-30 08:03 217 SetStretch.cmd 2009-07-22 12:04 24˙576 SetStretch.exe 2012-09-07 13:37 103 SetStretch.VBS 2017-10-11 10:51 Skype 2013-08-22 09:23 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2013-08-22 09:23 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2014-05-12 13:27 WebStorage 3 File(s) 24˙896 bytes 17 Dir(s) 3˙598˙299˙136 bytes free ========= Koniec CMD: ========= ========= dir /a C:\Users\OK\AppData\Local ========= Volume in drive C is OS Volume Serial Number is D8C4-1BFD Directory of C:\Users\OK\AppData\Local 2017-10-23 18:29 . 2017-10-23 18:29 .. 2017-10-13 09:33 chromium 2017-07-02 03:41 Diagnostics 2017-05-30 20:01 Google 2017-10-04 00:02 53˙231 IconCache.db 2017-08-19 18:30 Microsoft 2017-10-15 16:30 Packages 2017-06-21 05:27 PackageStaging 2017-10-23 18:25 Spotify 2017-10-23 18:29 Temp 2017-06-05 07:18 VirtualStore 2017-10-13 09:34 {125D2401-36F5-48B9-5B6D-6D517F0591C9} 1 File(s) 53˙231 bytes 12 Dir(s) 3˙598˙299˙136 bytes free ========= Koniec CMD: ========= ========= dir /a C:\Users\OK\AppData\LocalLow ========= Volume in drive C is OS Volume Serial Number is D8C4-1BFD Directory of C:\Users\OK\AppData\LocalLow 2017-05-25 13:00 . 2017-05-25 13:00 .. 2017-08-17 21:02 Microsoft 0 File(s) 0 bytes 3 Dir(s) 3˙598˙303˙232 bytes free ========= Koniec CMD: ========= ========= dir /a C:\Users\OK\AppData\Roaming ========= Volume in drive C is OS Volume Serial Number is D8C4-1BFD Directory of C:\Users\OK\AppData\Roaming 2017-10-15 14:33 . 2017-10-15 14:33 .. 2017-07-15 20:29 Adobe 2017-07-15 20:29 Macromedia 2017-07-17 14:56 Microsoft 2017-10-23 18:29 Skype 2017-10-23 18:25 Spotify 2017-10-15 14:33 45 WB.CFG 2015-12-02 14:09 WebStorage 1 File(s) 45 bytes 8 Dir(s) 3˙598˙163˙968 bytes free ========= Koniec CMD: ========= ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= Koniec Powershell: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7606060 B Java, Flash, Steam htmlcache => 751 B Windows/system/drivers => 332390632 B Edge => 0 B Chrome => 464961909 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B LocalService => 0 B NetworkService => 92126 B OK => 421568399 B RecycleBin => 404044 B EmptyTemp: => 1.2 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 18:30:35 ====