Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018 Ran by Szymon (16-08-2018 22:27:20) Run:1 Running from C:\Users\Szymon\Desktop Loaded Profiles: Szymon (Available Profiles: Szymon) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: Task: {E121AD45-17EE-4EC0-ACFD-22BF449164AC} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist "C:\Users\Szymon\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" ( start /MIN "" "C:\Users\Szymon\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== ATTENTION C:\Users\Szymon\AppData\Roaming\Microsoft\SoundMixer HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\MountPoints2: {a1fc19fb-6569-11e6-aa30-d8cb8ac32dcd} - "H:\setup.exe" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\MountPoints2: {a1fc1a08-6569-11e6-aa30-d8cb8ac32dcd} - "M:\setup.exe" GroupPolicy: Restriction ? <==== ATTENTION FF HKLM-x32\...\Mozilla Firefox 48.0\Extensions: [Components] - E:\Program Files (x86)\Mozilla Firefox\components => not found FF HKLM-x32\...\Mozilla Firefox 48.0\Extensions: [Plugins] - E:\Program Files (x86)\Mozilla Firefox\plugins => not found FF HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\Mozilla Firefox 61.0.2\Extensions: [Components] - E:\Program Files (x86)\Mozilla Firefox\components => not found FF HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\Mozilla Firefox 61.0.2\Extensions: [Plugins] - E:\Program Files (x86)\Mozilla Firefox\plugins => not found S3 cpuz139; \??\E:\temp\cpuz139\cpuz139_x64.sys [X] S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X] S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X] Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: ***************** Processes closed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E121AD45-17EE-4EC0-ACFD-22BF449164AC}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E121AD45-17EE-4EC0-ACFD-22BF449164AC}" => removed successfully C:\Windows\System32\Tasks\AutoPico Daily Restart => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully "HKU\S-1-5-21-2231754314-4281560237-746509812-1001\Software\Microsoft\Command Processor\\AutoRun" => removed successfully C:\Users\Szymon\AppData\Roaming\Microsoft\SoundMixer => moved successfully "HKU\S-1-5-21-2231754314-4281560237-746509812-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1fc19fb-6569-11e6-aa30-d8cb8ac32dcd}" => removed successfully HKLM\Software\Classes\CLSID\{a1fc19fb-6569-11e6-aa30-d8cb8ac32dcd} => not found "HKU\S-1-5-21-2231754314-4281560237-746509812-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1fc1a08-6569-11e6-aa30-d8cb8ac32dcd}" => removed successfully HKLM\Software\Classes\CLSID\{a1fc1a08-6569-11e6-aa30-d8cb8ac32dcd} => not found C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully "HKLM\Software\Wow6432Node\Mozilla\Mozilla Firefox 48.0\Extensions\\Components" => removed successfully "HKLM\Software\Wow6432Node\Mozilla\Mozilla Firefox 48.0\Extensions\\Plugins" => removed successfully "HKU\S-1-5-21-2231754314-4281560237-746509812-1001\Software\Mozilla\Mozilla Firefox 61.0.2\Extensions\\Components" => removed successfully "HKU\S-1-5-21-2231754314-4281560237-746509812-1001\Software\Mozilla\Mozilla Firefox 61.0.2\Extensions\\Plugins" => removed successfully "HKLM\System\CurrentControlSet\Services\cpuz139" => removed successfully cpuz139 => service removed successfully "HKLM\System\CurrentControlSet\Services\NvStreamKms" => removed successfully NvStreamKms => service removed successfully "HKLM\System\CurrentControlSet\Services\nvvhci" => removed successfully nvvhci => service removed successfully ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= End of Powershell: ========= =========== EmptyTemp: ========== BITS transfer queue => 308208 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 115806805 B Java, Flash, Steam htmlcache => 101698369 B Windows/system/drivers => 0 B Edge => 0 B Chrome => 0 B Firefox => 336513042 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 128 B Szymon => 8006142 B RecycleBin => 0 B EmptyTemp: => 536.3 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 22:28:18 ====