Fix result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018 Ran by Kaczuszka (08-01-2018 20:37:25) Run:1 Running from C:\Users\Kaczuszka\Desktop\Programy Loaded Profiles: Kaczuszka (Available Profiles: Kaczuszka) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: CreateRestorePoint: C:\ProgramData\Mail.Ru C:\ProgramData\Application Data\Mail.Ru C:\Users\All Users\Mail.Ru C:\Users\Kaczuszka\AppData\Local\Mail.Ru C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Вконтакте.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Вконтакте.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Одноклассники.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Одноклассники.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Amigo.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amigo.lnk DeleteKey: HKU\S-1-5-21-926443373-218334621-2797000802-1001\Software\Mail.Ru DeleteKey: HKU\S-1-5-21-926443373-218334621-2797000802-1001\Software\AppDataLow\Software\Mail.Ru DeleteKey: HKCU\Software\Mail.Ru DeleteKey: HKCU\Software\AppDataLow\Software\Mail.Ru DeleteKey: HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host DeleteKey: HKU\S-1-5-21-926443373-218334621-2797000802-1001\Software\Amigo DeleteKey: HKCU\Software\Amigo C:\ProgramData\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\2\Visit Ubisoft website.lnk C:\ProgramData\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\1\Visit Techland website.lnk C:\ProgramData\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\0\Visit Call of Juarez - Bound in Blood website.lnk C:\Users\Kaczuszka\AppData\Local\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\2\Visit Ubisoft website.lnk C:\Users\Kaczuszka\AppData\Local\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\1\Visit Techland website.lnk C:\Users\Kaczuszka\AppData\Local\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\0\Visit Call of Juarez - Bound in Blood website.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soldat.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer\San Andreas Multiplayer.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer\Uninstall.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portal 2\Portal 2.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portal 2\Uninstall Portal 2.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games\Alice Madness Returns\Alice Madness Returns.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games\Alice Madness Returns\Uninstall Alice Madness Returns.lnk C:\Users\Kaczuszka\Desktop\Programy\Malwarebytes.lnk C:\Users\Kaczuszka\Desktop\Gry\Run Republic.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos Interactive\Elixir Studios\Republic\Readme.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos Interactive\Elixir Studios\Republic\Run Republic.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos Interactive\Elixir Studios\Republic\Weblinks\Eidos Tech Support.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos Interactive\Elixir Studios\Republic\Weblinks\Eidos.com.lnk C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Office\Niedawny\ds11.LNK C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Office\Niedawny\Skuterowo-com-Umowa-Kupna-Sprzedazy (1).LNK C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amigo Apps C:\Users\Kaczuszka\AppData\Local\Amigo HKU\S-1-5-21-926443373-218334621-2797000802-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION CHR HKU\S-1-5-21-926443373-218334621-2797000802-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-926443373-218334621-2797000802-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [odijcgafkhpobjlnfdgiacpdenpmbgme] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-926443373-218334621-2797000802-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [phkdcinmmljblpnkohlipaiodlonpinf] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-926443373-218334621-2797000802-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pmpoaahleccaibbhfjfimigepmfmmbbk] - hxxps://clients2.google.com/service/update2/crx S3 appdrv01.fs.{3A57190D-8B3A-4928-A98E-F9478E88DE20}; System32\Drivers\appdrv01.fs.{3A57190D-8B3A-4928-A98E-F9478E88DE20}.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] DeleteKey: HKCU\Software\Mozilla DeleteKey: HKCU\Software\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Mozilla DeleteKey: HKLM\SOFTWARE\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla DeleteKey: HKLM\SOFTWARE\Wow6432Node\mozilla.org DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins C:\Users\Kaczuszka\AppData\Local\Mozilla C:\Users\Kaczuszka\AppData\Roaming\Mozilla C:\Users\Kaczuszka\AppData\Roaming\Profiles Hosts: Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. "C:\ProgramData\Mail.Ru" => not found "C:\ProgramData\Application Data\Mail.Ru" => not found "C:\Users\All Users\Mail.Ru" => not found "C:\Users\Kaczuszka\AppData\Local\Mail.Ru" => not found "C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Вконтакте.lnk" => not found "C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Вконтакте.lnk" => not found "C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Одноклассники.lnk" => not found "C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Одноклассники.lnk" => not found "C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Amigo.lnk" => not found "C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amigo.lnk" => not found HKU\S-1-5-21-926443373-218334621-2797000802-1001\Software\Mail.Ru => key not found HKU\S-1-5-21-926443373-218334621-2797000802-1001\Software\AppDataLow\Software\Mail.Ru => key not found HKCU\Software\Mail.Ru => key not found HKCU\Software\AppDataLow\Software\Mail.Ru => key not found HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host => key not found HKU\S-1-5-21-926443373-218334621-2797000802-1001\Software\Amigo => key not found HKCU\Software\Amigo => key not found C:\ProgramData\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\2\Visit Ubisoft website.lnk => moved successfully C:\ProgramData\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\1\Visit Techland website.lnk => moved successfully C:\ProgramData\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\0\Visit Call of Juarez - Bound in Blood website.lnk => moved successfully C:\Users\Kaczuszka\AppData\Local\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\2\Visit Ubisoft website.lnk => moved successfully C:\Users\Kaczuszka\AppData\Local\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\1\Visit Techland website.lnk => moved successfully C:\Users\Kaczuszka\AppData\Local\Microsoft\Windows\GameExplorer\{4A23D193-82A4-4BBF-BBC3-EC7C2218E5E6}\SupportTasks\0\Visit Call of Juarez - Bound in Blood website.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soldat.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer\San Andreas Multiplayer.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer\Uninstall.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portal 2\Portal 2.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portal 2\Uninstall Portal 2.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games\Alice Madness Returns\Alice Madness Returns.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games\Alice Madness Returns\Uninstall Alice Madness Returns.lnk => moved successfully C:\Users\Kaczuszka\Desktop\Programy\Malwarebytes.lnk => moved successfully C:\Users\Kaczuszka\Desktop\Gry\Run Republic.lnk => moved successfully C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk => moved successfully C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk => moved successfully C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos Interactive\Elixir Studios\Republic\Readme.lnk => moved successfully C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos Interactive\Elixir Studios\Republic\Run Republic.lnk => moved successfully C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos Interactive\Elixir Studios\Republic\Weblinks\Eidos Tech Support.lnk => moved successfully C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos Interactive\Elixir Studios\Republic\Weblinks\Eidos.com.lnk => moved successfully C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Office\Niedawny\ds11.LNK => moved successfully C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Office\Niedawny\Skuterowo-com-Umowa-Kupna-Sprzedazy (1).LNK => moved successfully C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amigo Apps => moved successfully "C:\Users\Kaczuszka\AppData\Local\Amigo" => not found "HKU\S-1-5-21-926443373-218334621-2797000802-1001\Software\Classes\regfile" => removed successfully "HKU\S-1-5-21-926443373-218334621-2797000802-1001\SOFTWARE\Google\Chrome\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof" => removed successfully "HKU\S-1-5-21-926443373-218334621-2797000802-1001\SOFTWARE\Google\Chrome\Extensions\odijcgafkhpobjlnfdgiacpdenpmbgme" => removed successfully "HKU\S-1-5-21-926443373-218334621-2797000802-1001\SOFTWARE\Google\Chrome\Extensions\phkdcinmmljblpnkohlipaiodlonpinf" => removed successfully "HKU\S-1-5-21-926443373-218334621-2797000802-1001\SOFTWARE\Google\Chrome\Extensions\pmpoaahleccaibbhfjfimigepmfmmbbk" => removed successfully "HKLM\System\CurrentControlSet\Services\appdrv01.fs.{3A57190D-8B3A-4928-A98E-F9478E88DE20}" => removed successfully appdrv01.fs.{3A57190D-8B3A-4928-A98E-F9478E88DE20} => service removed successfully "HKLM\System\CurrentControlSet\Services\VGPU" => removed successfully VGPU => service removed successfully HKCU\Software\Mozilla => key not found "HKCU\Software\MozillaPlugins" => removed successfully HKLM\SOFTWARE\Mozilla => key not found "HKLM\SOFTWARE\MozillaPlugins" => removed successfully HKLM\SOFTWARE\Wow6432Node\Mozilla => key not found HKLM\SOFTWARE\Wow6432Node\mozilla.org => key not found "HKLM\SOFTWARE\Wow6432Node\MozillaPlugins" => removed successfully "C:\Users\Kaczuszka\AppData\Local\Mozilla" => not found "C:\Users\Kaczuszka\AppData\Roaming\Mozilla" => not found "C:\Users\Kaczuszka\AppData\Roaming\Profiles" => not found C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= End of Powershell: ========= =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14880105 B Java, Flash, Steam htmlcache => 57758030 B Windows/system/drivers => 8368968 B Edge => 0 B Chrome => 545201030 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 17855 B systemprofile32 => 112908 B LocalService => 132244 B NetworkService => 692 B Kaczuszka => 13786051 B RecycleBin => 0 B EmptyTemp: => 610.6 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 20:39:53 ====