Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 02.08.2018
Uruchomiony przez user (17-08-2018 09:02:55) Run:9
Uruchomiony z C:\Users\user\Desktop\FRST
Załadowane profile: user (Dostępne profile: defaultuser0 & user)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "WidgetPodatnikInfo"
HKU\S-1-5-21-3244572619-1344660955-1707226054-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3244572619-1344660955-1707226054-1001\...\StartupApproved\Run: => "Screenpresso"
Task: {A0784DAA-45C3-433C-A00F-35051F546818} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
C:\Users\user\AppData\Local\NET.Framework SDK
C:\Users\user\AppData\Local\Peer.Net
C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\395fbb84ca74fb25\Comodo Dragon.lnk
Zip: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => pomyślnie usunięto
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg" => pomyślnie usunięto
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\RTHDVCPL" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\RTHDVCPL" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\WidgetPodatnikInfo" => pomyślnie usunięto
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WidgetPodatnikInfo" => nie znaleziono
"HKU\S-1-5-21-3244572619-1344660955-1707226054-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Steam" => pomyślnie usunięto
"HKU\S-1-5-21-3244572619-1344660955-1707226054-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Steam" => nie znaleziono
"HKU\S-1-5-21-3244572619-1344660955-1707226054-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Screenpresso" => pomyślnie usunięto
"HKU\S-1-5-21-3244572619-1344660955-1707226054-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Screenpresso" => nie znaleziono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0784DAA-45C3-433C-A00F-35051F546818}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0784DAA-45C3-433C-A00F-35051F546818}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Setup\Notifier => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\Notifier" => pomyślnie usunięto
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games => pomyślnie przeniesiono
C:\Users\user\AppData\Local\NET.Framework SDK => pomyślnie przeniesiono
C:\Users\user\AppData\Local\Peer.Net => pomyślnie przeniesiono
C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\395fbb84ca74fb25\Comodo Dragon.lnk => pomyślnie przeniesiono
================== Zip: ===================
C:\Users\user\AppData\Roaming\Opera Software\Opera Stable -> pomyślnie skopiowano do C:\Users\user\Desktop\17.08.2018_09.03.31.zip
=========== Zip: Koniec ===========

========= wevtutil el | Foreach-Object {wevtutil cl "$_"} =========


========= Koniec  Powershell: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 269057362 B
Java, Flash, Steam htmlcache => 719524 B
Windows/system/drivers => 7735553 B
Edge => 40234 B
Chrome => 162834 B
Firefox => 17007771 B
Opera => 390709587 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 912 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
defaultuser0 => 0 B
user => 9866687 B

RecycleBin => 4182761 B
EmptyTemp: => 677.4 MB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec  Fixlog 09:05:56 ====