Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 30-09-2016 Uruchomiony przez natal (01-10-2016 20:28:09) Run:3 Uruchomiony z C:\Users\natal\Desktop Załadowane profile: natal (Dostępne profile: natal) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [437248 2016-09-29] () [Brak podpisu cyfrowego] SS4 Sunshinesvc; C:\Program Files (x86)\Corner Sunshine\sunshinesvc.dll [X] CHR StartupUrls: Default -> "hxxp://www.mylucky123.com/?type=hp&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z" Edge HomeButtonPage: HKU\S-1-5-21-994918294-1171295045-2541185440-1001 -> hxxp://www.mylucky123.com/?type=hp&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mylucky123.com/?type=hp&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mylucky123.com/?type=hp&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mylucky123.com/search/?type=ds&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mylucky123.com/search/?type=ds&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z&q={searchTerms} HKU\S-1-5-21-994918294-1171295045-2541185440-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mylucky123.com/?type=hp&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z HKU\S-1-5-21-994918294-1171295045-2541185440-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z&q={searchTerms} SearchScopes: HKU\S-1-5-21-994918294-1171295045-2541185440-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z&q={searchTerms} SearchScopes: HKU\S-1-5-21-994918294-1171295045-2541185440-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1475213052&z=e20885c8860f656d0e8d18dg5zfmdwco8gccbecw5g&from=uvc0929&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF865034Z&q={searchTerms} SearchScopes: HKU\S-1-5-21-994918294-1171295045-2541185440-1001 -> {5586413B-D1E6-4D81-85FC-A32CE0B6D275} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms} Reg: reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy" /v ProtectedHomepages /f Reg: reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy" /v ProtectedSearchScopes /f Reg: reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OpenSearch" /f HKU\S-1-5-21-994918294-1171295045-2541185440-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\natal\AppData\Local\Akamai\netsession_win.exe" HKU\S-1-5-21-994918294-1171295045-2541185440-1001\...\Policies\Explorer: [] HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\13027460.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\13027460.sys => ""="Driver" DeleteKey: HKLM\SOFTWARE\Mozilla DeleteKey: HKLM\SOFTWARE\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins C:\Program Files (x86)\uvconvrx_00000000 C:\ProgramData\corss C:\ProgramData\cosun C:\ProgramData\McAfee C:\ProgramData\UvConverter C:\ProgramData\Tencent C:\Users\natal\AppData\Local\Legness C:\Users\natal\AppData\Roaming\version2.xml C:\Users\natal\AppData\Roaming\Corner Sunshine C:\Users\Public\Documents\temp.dat C:\WINDOWS\system32\log C:\WINDOWS\SysWOW64\data.bin CMD: netsh advfirewall reset EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. UvConverter => serwis nie znaleziono. SS4 Sunshinesvc; C:\Program Files (x86)\Corner Sunshine\sunshinesvc.dll [X] => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia. Chrome StartupUrls => pomyślnie usunięto HKU\S-1-5-21-994918294-1171295045-2541185440-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => Wartość pomyślnie usunięto HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKU\S-1-5-21-994918294-1171295045-2541185440-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-994918294-1171295045-2541185440-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKU\S-1-5-21-994918294-1171295045-2541185440-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto "HKU\S-1-5-21-994918294-1171295045-2541185440-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. "HKU\S-1-5-21-994918294-1171295045-2541185440-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5586413B-D1E6-4D81-85FC-A32CE0B6D275}" => klucz pomyślnie usunięto HKCR\CLSID\{5586413B-D1E6-4D81-85FC-A32CE0B6D275} => klucz nie znaleziono. ========= reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy" /v ProtectedHomepages /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy" /v ProtectedSearchScopes /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OpenSearch" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= HKU\S-1-5-21-994918294-1171295045-2541185440-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => Wartość pomyślnie usunięto HKU\S-1-5-21-994918294-1171295045-2541185440-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => Wartość pomyślnie usunięto "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\13027460.sys" => klucz pomyślnie usunięto "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\13027460.sys" => klucz pomyślnie usunięto HKLM\SOFTWARE\Mozilla => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKLM\SOFTWARE\Mozilla => klucz pomyślnie usunięto HKLM\SOFTWARE\MozillaPlugins => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKLM\SOFTWARE\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Mozilla => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKLM\SOFTWARE\Wow6432Node\Mozilla => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\MozillaPlugins => niepowodzenie przy usuwaniu w pierwszym podejściu (ErrorCode: C0000121), zobacz kolejną linię. HKLM\SOFTWARE\Wow6432Node\MozillaPlugins => klucz pomyślnie usunięto C:\Program Files (x86)\uvconvrx_00000000 => pomyślnie przeniesiono C:\ProgramData\corss => pomyślnie przeniesiono C:\ProgramData\cosun => pomyślnie przeniesiono C:\ProgramData\McAfee => pomyślnie przeniesiono C:\ProgramData\UvConverter => pomyślnie przeniesiono C:\ProgramData\Tencent => pomyślnie przeniesiono C:\Users\natal\AppData\Local\Legness => pomyślnie przeniesiono C:\Users\natal\AppData\Roaming\version2.xml => pomyślnie przeniesiono C:\Users\natal\AppData\Roaming\Corner Sunshine => pomyślnie przeniesiono C:\Users\Public\Documents\temp.dat => pomyślnie przeniesiono C:\WINDOWS\system32\log => pomyślnie przeniesiono C:\WINDOWS\SysWOW64\data.bin => pomyślnie przeniesiono ========= netsh advfirewall reset ========= Ok. ========= Koniec CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13740898 B Java, Flash, Steam htmlcache => 492 B Windows/system/drivers => 922044 B Edge => 27349842 B Chrome => 24523193 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 1650 B NetworkService => 0 B natal => 19174159 B RecycleBin => 206296 B EmptyTemp: => 81.9 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 20:28:16 ====