Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 28-12-2019 Uruchomiony przez wluka (04-01-2020 18:30:58) Run:1 Uruchomiony z C:\Users\wluka\Downloads Załadowane profile: wluka (Dostępne profile: wluka & niroco & lkClassAds & niLXIDiscovery) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: EmptyTemp: VirusTotal: C:\Users\wluka\updmap.exe HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA HKU\S-1-5-21-1857122422-1969531999-878302982-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-1857122422-1969531999-878302982-1001\...\MountPoints2: {17a3cf0f-c3dc-11e7-aa80-3ca067f62262} - "E:\setup.exe" FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA Tcpip\..\Interfaces\{15574e7a-61ed-40fc-a0af-488532a5cfc4}: [DhcpNameServer] 192.168.1.1 192.168.1.1 HKU\S-1-5-21-1857122422-1969531999-878302982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE HKU\S-1-5-21-1857122422-1969531999-878302982-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE SearchScopes: HKU\S-1-5-21-1857122422-1969531999-878302982-1001 -> DefaultScope {6C820B1E-EEB5-4699-A7A5-2BC23117788F} URL = SearchScopes: HKU\S-1-5-21-1857122422-1969531999-878302982-1001 -> {6C820B1E-EEB5-4699-A7A5-2BC23117788F} URL = ContextMenuHandlers1: [ANotepad++64] -> [CC]{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> Brak pliku ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers1_S-1-5-21-1857122422-1969531999-878302982-1001: [GGDriveMenu] -> [CC]{E68D0A55-3C40-4712-B90D-DCFA93FF2534} => -> Brak pliku ContextMenuHandlers4_S-1-5-21-1857122422-1969531999-878302982-1001: [GGDriveMenu] -> [CC]{E68D0A55-3C40-4712-B90D-DCFA93FF2534} => -> Brak pliku FirewallRules: [{0CE9F5FA-4E42-45F3-A0BC-158CB019570E}] => (Allow) %systemroot%\system32\alg.exe Brak pliku FirewallRules: [{926522FE-A75E-48E2-B945-5EF8123ED73E}] => (Allow) %systemroot%\system32\alg.exe Brak pliku FirewallRules: [{EEEA66ED-23D4-420C-8C56-F853E61210DE}] => (Allow) %systemroot%\system32\alg.exe Brak pliku C:\Users\wluka\AppData\Local\updater.log ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. VirusTotal: C:\Users\wluka\updmap.exe => D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA => pomyślnie przywrócono "HKU\S-1-5-21-1857122422-1969531999-878302982-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => pomyślnie usunięto HKU\S-1-5-21-1857122422-1969531999-878302982-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{17a3cf0f-c3dc-11e7-aa80-3ca067f62262} => pomyślnie usunięto HKLM\SOFTWARE\Policies\Mozilla => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{15574e7a-61ed-40fc-a0af-488532a5cfc4}\\DhcpNameServer" => pomyślnie usunięto HKU\S-1-5-21-1857122422-1969531999-878302982-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKU\S-1-5-21-1857122422-1969531999-878302982-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono "HKU\S-1-5-21-1857122422-1969531999-878302982-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto HKU\S-1-5-21-1857122422-1969531999-878302982-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6C820B1E-EEB5-4699-A7A5-2BC23117788F} => pomyślnie usunięto HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => pomyślnie usunięto HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => pomyślnie usunięto HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => pomyślnie usunięto HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => pomyślnie usunięto HKU\S-1-5-21-1857122422-1969531999-878302982-1001\Software\Classes\*\ShellEx\ContextMenuHandlers\GGDriveMenu => pomyślnie usunięto HKU\S-1-5-21-1857122422-1969531999-878302982-1001\Software\Classes\Directory\ShellEx\ContextMenuHandlers\GGDriveMenu => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0CE9F5FA-4E42-45F3-A0BC-158CB019570E}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{926522FE-A75E-48E2-B945-5EF8123ED73E}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EEEA66ED-23D4-420C-8C56-F853E61210DE}" => pomyślnie usunięto C:\Users\wluka\AppData\Local\updater.log => pomyślnie przeniesiono =========== EmptyTemp: ========== BITS transfer queue => 10772480 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21408581 B Java, Flash, Steam htmlcache => 399777530 B Windows/system/drivers => 709617 B Edge => 706017 B Chrome => 444889657 B Firefox => 20478397 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 15226 B NetworkService => 15226 B wluka => 1694515047 B niroco => 1694515047 B lkClassAds => 1694515047 B niLXIDiscovery => 1694515047 B RecycleBin => 306063 B EmptyTemp: => 7.1 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 18:36:40 ====