Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 19-11-2017 Uruchomiony przez Gr (21-11-2017 17:52:21) Run:2 Uruchomiony z C:\Users\Gr\Desktop\Nowy folder (3) Załadowane profile: Gr & ReportServer & MSSQLFDLauncher & MSSQLSERVER (Dostępne profile: Gr & ReportServer & MSSQLFDLauncher & MSSQLSERVER) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku Task: {0601453C-71F6-44E3-8ABD-CCD9F1F97003} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {53EC7382-8349-4510-8DB8-B091BA6C16A1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {5D4475A5-CA1F-4554-BEC6-BFD5263AA87A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {68558A1D-7C33-4A4A-9B0F-3711ACDDFF5B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {725EF1C9-888B-492C-B70F-D9FE39DF6B06} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {8D1F0180-37DD-4215-9D89-E0F876767C4C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {904E1DE2-5540-491F-BD2A-2370E083C967} - \CCleanerSkipUAC -> Brak pliku <==== UWAGA Task: {920CE90B-0997-4585-992E-967D7E69EA0E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {95E3575D-2FE9-43EF-8F3D-659CEC5F07FF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {BEAC0BB1-6CF7-4835-BA51-BDA155F04F0F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {E8F513D6-F6C4-49D9-8D94-09D2DBB453F1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {FB86C0C2-CF61-4CE8-96F8-25AD84A2E376} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA C:\Users\Gr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software\Opera.lnk BootExecute: autocheck autochk * SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1946104158-849987808-3721883152-1001 -> DefaultScope {5FD446F9-67A5-4242-B780-AA7660820338} URL = SearchScopes: HKU\S-1-5-21-1946104158-849987808-3721883152-1001 -> {5FD446F9-67A5-4242-B780-AA7660820338} URL = S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X] S3 esgiguard; \??\C:\Program Files (x86)\Malware Hunter Suite\esgiguard.sys [X] DeleteKey: HKLM\SOFTWARE\Google\Chrome\Extensions DeleteKey: HKCU\Software\Mozilla DeleteKey: HKCU\Software\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Mozilla DeleteKey: HKLM\SOFTWARE\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla DeleteKey: HKLM\SOFTWARE\Wow6432Node\mozilla.org DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins C:\Users\Gr\AppData\Local\Mozilla C:\Users\Gr\AppData\Roaming\Mozilla C:\Users\Gr\AppData\Roaming\Profiles Folder: C:\WINDOWS\SysWOW64\3082 Folder: C:\WINDOWS\system32\1028 Hosts: CMD: netsh advfirewall reset EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => klucz pomyślnie usunięto HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0601453C-71F6-44E3-8ABD-CCD9F1F97003} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0601453C-71F6-44E3-8ABD-CCD9F1F97003} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53EC7382-8349-4510-8DB8-B091BA6C16A1} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53EC7382-8349-4510-8DB8-B091BA6C16A1} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5D4475A5-CA1F-4554-BEC6-BFD5263AA87A} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D4475A5-CA1F-4554-BEC6-BFD5263AA87A} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68558A1D-7C33-4A4A-9B0F-3711ACDDFF5B} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68558A1D-7C33-4A4A-9B0F-3711ACDDFF5B} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{725EF1C9-888B-492C-B70F-D9FE39DF6B06} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{725EF1C9-888B-492C-B70F-D9FE39DF6B06} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D1F0180-37DD-4215-9D89-E0F876767C4C} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D1F0180-37DD-4215-9D89-E0F876767C4C} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{904E1DE2-5540-491F-BD2A-2370E083C967} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{904E1DE2-5540-491F-BD2A-2370E083C967} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{920CE90B-0997-4585-992E-967D7E69EA0E} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{920CE90B-0997-4585-992E-967D7E69EA0E} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95E3575D-2FE9-43EF-8F3D-659CEC5F07FF} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95E3575D-2FE9-43EF-8F3D-659CEC5F07FF} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEAC0BB1-6CF7-4835-BA51-BDA155F04F0F} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEAC0BB1-6CF7-4835-BA51-BDA155F04F0F} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8F513D6-F6C4-49D9-8D94-09D2DBB453F1} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8F513D6-F6C4-49D9-8D94-09D2DBB453F1} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB86C0C2-CF61-4CE8-96F8-25AD84A2E376} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB86C0C2-CF61-4CE8-96F8-25AD84A2E376} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => klucz pomyślnie usunięto C:\Users\Gr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software\Opera.lnk => pomyślnie przeniesiono HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Wartość pomyślnie przywrócono HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto HKU\S-1-5-21-1946104158-849987808-3721883152-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto HKU\S-1-5-21-1946104158-849987808-3721883152-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5FD446F9-67A5-4242-B780-AA7660820338} => klucz pomyślnie usunięto HKLM\Software\Classes\CLSID\{5FD446F9-67A5-4242-B780-AA7660820338} => klucz nie znaleziono. HKLM\System\CurrentControlSet\Services\NvStreamSvc => klucz pomyślnie usunięto NvStreamSvc => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\esgiguard => klucz pomyślnie usunięto esgiguard => serwis pomyślnie usunięto HKLM\SOFTWARE\Google\Chrome\Extensions => klucz nie znaleziono. HKCU\Software\Mozilla => klucz pomyślnie usunięto HKCU\Software\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Mozilla => klucz nie znaleziono. HKLM\SOFTWARE\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Mozilla => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\mozilla.org => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\MozillaPlugins => klucz pomyślnie usunięto "C:\Users\Gr\AppData\Local\Mozilla" => nie znaleziono. "C:\Users\Gr\AppData\Roaming\Mozilla" => nie znaleziono. "C:\Users\Gr\AppData\Roaming\Profiles" => nie znaleziono. ========================= Folder: C:\WINDOWS\SysWOW64\3082 ======================== 2017-06-21 21:26 - 2017-06-21 21:26 - 000086384 ____A [7AC93627BD8171AA605FC54A45F0AAC7] (Microsoft Corporation) C:\WINDOWS\SysWOW64\3082\VsGraphicsResources.dll 2017-06-06 21:43 - 2017-06-06 21:43 - 000029536 ____A [7F1334375B8298111FFD9F47AB803E03] (Microsoft Corporation) C:\WINDOWS\SysWOW64\3082\vsjitdebuggerui.dll ====== Koniec Folder: ====== ========================= Folder: C:\WINDOWS\system32\1028 ======================== 2017-06-21 19:58 - 2017-06-21 19:58 - 000083312 ____A [8F53B89BB4373E4FAAB9E533550BF946] (Microsoft Corporation) C:\WINDOWS\system32\1028\VsGraphicsResources.dll 2017-06-06 22:02 - 2017-06-06 22:02 - 000024928 ____A [E9FFCFD8B96ECFCB057983A9E246A113] (Microsoft Corporation) C:\WINDOWS\system32\1028\vsjitdebuggerui.dll ====== Koniec Folder: ====== C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono Hosts pomyślnie przywrócono. ========= netsh advfirewall reset ========= Ok. ========= Koniec CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 7888896 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22810917 B Java, Flash, Steam htmlcache => 324943509 B Windows/system/drivers => 1222407 B Edge => 250458269 B Chrome => 0 B Firefox => 0 B Opera => 532003674 B Temp, IE cache, history, cookies, recent: Default => 7680 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 128 B LocalService => 0 B NetworkService => 1237244 B Gr => 777557267 B ReportServer => 0 B MSSQLFDLauncher => 0 B MSSQLSERVER => 0 B RecycleBin => 276887 B EmptyTemp: => 1.8 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 17:56:00 ====