Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 02.08.2018 Uruchomiony przez Bambus (10-08-2018 20:07:27) Run:1 Uruchomiony z C:\Users\wsad9\Desktop\frst Załadowane profile: Bambus (Dostępne profile: Bambus) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: Task: {AB91E154-9E5F-47DA-8C48-4243D88ED86F} - \{A2AFFC57-B8FB-BACC-3722-770BB41EE5C3} -> Brak pliku <==== UWAGA Task: {BF16D2AB-D396-4948-9E66-AADDB2934633} - \{C760898B-A3A6-2779-1CAC-36D8DE7406DF} -> Brak pliku <==== UWAGA Task: {D71D056C-3227-42C8-939B-AE6F21F1CDCB} - \{B5AA6D86-249E-886B-6C20-2A4DB0CF0404} -> Brak pliku <==== UWAGA SearchScopes: HKU\S-1-5-21-2064025434-2601485288-2187366082-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 2018-04-12 01:34 - 2018-04-12 01:34 - 000059904 ____N (Microsoft Corporation) C:\Users\wsad9\iukhe.exe 2018-04-12 01:34 - 2018-04-12 01:34 - 000178688 ____N (Microsoft Corporation) C:\Program Files (x86)\WbwDEEyIoOeJ.exe C:\WINDOWS\ldMyTNIyEsGe.exe VirusTotal: C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe VirusTotal: C:\Users\wsad9\AppData\Local\imw.ini CMD: netsh advfirewall reset DeleteKey: HKCU\Software\Mozilla DeleteKey: HKCU\Software\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Mozilla DeleteKey: HKLM\SOFTWARE\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla DeleteKey: HKLM\SOFTWARE\Wow6432Node\mozilla.org DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins C:\Users\wsad9\AppData\Local\Mozilla C:\Users\wsad9\AppData\Roaming\Mozilla C:\Users\wsad9\AppData\Roaming\Profiles Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB91E154-9E5F-47DA-8C48-4243D88ED86F}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB91E154-9E5F-47DA-8C48-4243D88ED86F}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A2AFFC57-B8FB-BACC-3722-770BB41EE5C3}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF16D2AB-D396-4948-9E66-AADDB2934633}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF16D2AB-D396-4948-9E66-AADDB2934633}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C760898B-A3A6-2779-1CAC-36D8DE7406DF}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D71D056C-3227-42C8-939B-AE6F21F1CDCB}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D71D056C-3227-42C8-939B-AE6F21F1CDCB}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B5AA6D86-249E-886B-6C20-2A4DB0CF0404}" => pomyślnie usunięto "HKU\S-1-5-21-2064025434-2601485288-2187366082-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto C:\Users\wsad9\iukhe.exe => pomyślnie przeniesiono C:\Program Files (x86)\WbwDEEyIoOeJ.exe => pomyślnie przeniesiono C:\WINDOWS\ldMyTNIyEsGe.exe => pomyślnie przeniesiono VirusTotal: C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe => https://www.virustotal.com/file/9e370fedbdcbd4645683566bd48dba0d4fbc009db7e661e6a6515d174faa8aed/analysis/1533889310/ VirusTotal: C:\Users\wsad9\AppData\Local\imw.ini => https://www.virustotal.com/file/6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28/analysis/1533889928/ ========= netsh advfirewall reset ========= Ok. ========= Koniec CMD: ========= HKCU\Software\Mozilla => nie znaleziono HKCU\Software\MozillaPlugins => nie znaleziono HKLM\SOFTWARE\Mozilla => nie znaleziono HKLM\SOFTWARE\MozillaPlugins => nie znaleziono HKLM\SOFTWARE\Wow6432Node\Mozilla => nie znaleziono HKLM\SOFTWARE\Wow6432Node\mozilla.org => nie znaleziono "HKLM\SOFTWARE\Wow6432Node\MozillaPlugins" => pomyślnie usunięto "C:\Users\wsad9\AppData\Local\Mozilla" => nie znaleziono "C:\Users\wsad9\AppData\Roaming\Mozilla" => nie znaleziono "C:\Users\wsad9\AppData\Roaming\Profiles" => nie znaleziono ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= Koniec Powershell: ========= =========== EmptyTemp: ========== BITS transfer queue => 7888896 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45108000 B Java, Flash, Steam htmlcache => 365598241 B Windows/system/drivers => 2060041 B Edge => 712562 B Chrome => 776350466 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B LocalService => 0 B NetworkService => 79504 B NetworkService => 0 B wsad9 => 231489965 B RecycleBin => 2341144 B EmptyTemp: => 1.3 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 20:08:03 ====