Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 02.08.2018 Uruchomiony przez Paweł (02-08-2018 23:49:15) Run:2 Uruchomiony z C:\Users\Paweł\Documents\EGDownloads Załadowane profile: Paweł (Dostępne profile: Paweł) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: Task: {56CE1001-9564-4184-B592-720736739B74} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {809FC168-22B2-4F86-83A1-5250CC3A23B6} - System32\Tasks\{A80FE8B4-ECB0-4F36-6D66-169CBF405EF3} => C:\WINDOWS\SysWOW64\etUopUqNyomu.exe [1601-01-03] (Microsoft Corporation) Task: {96BF1EFA-3FCB-48B0-B4D4-394F9E4E9D95} - System32\Tasks\{2A31C575-A808-A445-6127-08ECBF718AA3} => C:\Users\Paweł\AppData\Local\VjYoUCAysY.exe [1601-01-03] (Microsoft Corporation) C:\WINDOWS\SysWOW64\etUopUqNyomu.exe C:\Users\Paweł\AppData\Local\VjYoUCAysY.exe HKU\S-1-5-21-364653239-3699781212-3866580074-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist "C:\Users\Paweł\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" ( start /MIN "" "C:\Users\Paweł\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA C:\Users\Paweł\AppData\Roaming\Microsoft\SoundMixer Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56CE1001-9564-4184-B592-720736739B74}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56CE1001-9564-4184-B592-720736739B74}" => pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => nie znaleziono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{809FC168-22B2-4F86-83A1-5250CC3A23B6}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{809FC168-22B2-4F86-83A1-5250CC3A23B6}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\{A80FE8B4-ECB0-4F36-6D66-169CBF405EF3} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A80FE8B4-ECB0-4F36-6D66-169CBF405EF3}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96BF1EFA-3FCB-48B0-B4D4-394F9E4E9D95}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96BF1EFA-3FCB-48B0-B4D4-394F9E4E9D95}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\{2A31C575-A808-A445-6127-08ECBF718AA3} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2A31C575-A808-A445-6127-08ECBF718AA3}" => pomyślnie usunięto C:\WINDOWS\SysWOW64\etUopUqNyomu.exe => pomyślnie przeniesiono C:\Users\Paweł\AppData\Local\VjYoUCAysY.exe => pomyślnie przeniesiono "HKU\S-1-5-21-364653239-3699781212-3866580074-1001\Software\Microsoft\Command Processor\\AutoRun" => pomyślnie usunięto C:\Users\Paweł\AppData\Roaming\Microsoft\SoundMixer => pomyślnie przeniesiono ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= Koniec Powershell: ========= =========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 98517479 B Java, Flash, Steam htmlcache => 103404986 B Windows/system/drivers => 2680366 B Edge => 26710 B Chrome => 51148386 B Firefox => 31789707 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B LocalService => 0 B NetworkService => 14120 B NetworkService => 0 B Paweł => 268025857 B RecycleBin => 725198180 B EmptyTemp: => 1.2 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 23:52:31 ====