Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 25.04.2018
Uruchomiony przez piokrz (25-09-2018 23:37:01) Run:3
Uruchomiony z C:\Users\piokr\Desktop\frst
Załadowane profile: piokrz (Dostępne profile: piokrz)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
HKLM-x32\...\Run: [chrome] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1469784 2018-09-15] (Google Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
HKU\S-1-5-21-1716316380-3118326321-44774493-1001\...\Winlogon: [Shell] C:\Windows\System32\cmd.exe [273920 2018-04-12] (Microsoft Corporation) <==== UWAGA
HKU\S-1-5-21-1716316380-3118326321-44774493-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist ( start /MIN "" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA
HKU\S-1-5-21-1716316380-3118326321-44774493-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://pl.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__180503__yaie
SearchScopes: HKU\S-1-5-21-1716316380-3118326321-44774493-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://pl.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10454__180503__yaie&p={searchTerms}
FF Homepage: Mozilla\Firefox\Profiles\lt09b10q.default -> hxxps://pl.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__180503__yaff
FF NewTab: Mozilla\Firefox\Profiles\lt09b10q.default -> hxxps://pl.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__180503__yaff
S2 0136481532873185mcinstcleanup; C:\Users\piokr\AppData\Local\Temp\013648~1.EXE -cleanup -nolog [X] <==== UWAGA
VirusTotal: C:\WINDOWS\system32\dxgiadaptercache.exe
EmptyTemp:
*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\chrome" => pomyślnie usunięto
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA => pomyślnie przywrócono
"HKU\S-1-5-21-1716316380-3118326321-44774493-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => pomyślnie usunięto
"HKU\S-1-5-21-1716316380-3118326321-44774493-1001\Software\Microsoft\Command Processor\\AutoRun" => pomyślnie usunięto
HKU\S-1-5-21-1716316380-3118326321-44774493-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
"HKU\S-1-5-21-1716316380-3118326321-44774493-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}" => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} => nie znaleziono
"Firefox homepage" => pomyślnie usunięto
"Firefox newtab" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\0136481532873185mcinstcleanup" => pomyślnie usunięto
0136481532873185mcinstcleanup => serwis pomyślnie usunięto
VirusTotal: C:\WINDOWS\system32\dxgiadaptercache.exe => https://www.virustotal.com/file/5e51ab3594d8b1e451da1180faf2a0e6d597725b8e63c4928b66e1dba5d9cb86/analysis/1537875780/

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19201826 B
Java, Flash, Steam htmlcache => 32184639 B
Windows/system/drivers => 3275075 B
Edge => 3584 B
Chrome => 763149904 B
Firefox => 379835429 B
Opera => 84209260 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 24582 B
LocalService => 0 B
NetworkService => 4848 B
NetworkService => 0 B
piokr => 295882126 B

RecycleBin => 532431 B
EmptyTemp: => 1.5 GB danych tymczasowych Usunięto.

================================

System wymagał restartu.

==== Koniec Fixlog 23:37:27 ====