Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 20-02-2021 01
Uruchomiony przez burcz (21-02-2021 20:39:04) Run:1
Uruchomiony z C:\Users\burcz\OneDrive\Pulpit\Nowy folder
Załadowane profile: burcz
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
HKU\S-1-5-21-114268704-1918710269-250376416-1001\...\Run: [burcz] => explorer.exe hxxp://exinariuminix.info <==== UWAGA
HKU\S-1-5-21-114268704-1918710269-250376416-1001\...\MountPoints2: F - "F:\setup.exe"
HKU\S-1-5-21-114268704-1918710269-250376416-1001\...\MountPoints2: {47d8dce8-395f-11eb-8674-dcfe074bd22d} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\autorun.exe /auto
Task: {BB9A5925-978E-4C64-8CB8-3BDFD70B59E8} - System32\Tasks\burcz => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v burcz /t REG_SZ /d "explorer.exe http://exinariuminix.info" <==== UWAGA
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
CustomCLSID: HKU\S-1-5-21-114268704-1918710269-250376416-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => Brak pliku
FirewallRules: [TCP Query User{F85E41A3-98AF-41FB-8DD7-C1280A8C9E29}D:\programy\fifa 20\fifa20.exe] => (Allow) D:\programy\fifa 20\fifa20.exe => Brak pliku
FirewallRules: [UDP Query User{44DB664E-C356-480F-81BB-DAFF2ED6B779}D:\programy\fifa 20\fifa20.exe] => (Allow) D:\programy\fifa 20\fifa20.exe => Brak pliku
FirewallRules: [TCP Query User{75DDBF28-B218-42F9-ACA8-2C515F3D57C8}C:\users\burcz\appdata\local\temp\7zs5155\enterprisedu.exe] => (Allow) C:\users\burcz\appdata\local\temp\7zs5155\enterprisedu.exe => Brak pliku
FirewallRules: [UDP Query User{04941B44-B8F1-444A-8BE2-EA6335488257}C:\users\burcz\appdata\local\temp\7zs5155\enterprisedu.exe] => (Allow) C:\users\burcz\appdata\local\temp\7zs5155\enterprisedu.exe => Brak pliku
FirewallRules: [{353236E6-E446-4AD3-98FA-BDA3E6BF9E11}] => (Allow) C:\Users\burcz\AppData\Local\Temp\7zS27C6\HP.EasyStart.exe => Brak pliku
EmptyTemp:
*****************

"HKU\S-1-5-21-114268704-1918710269-250376416-1001\Software\Microsoft\Windows\CurrentVersion\Run\\burcz" => pomyślnie usunięto
HKU\S-1-5-21-114268704-1918710269-250376416-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => pomyślnie usunięto
HKU\S-1-5-21-114268704-1918710269-250376416-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47d8dce8-395f-11eb-8674-dcfe074bd22d} => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{BB9A5925-978E-4C64-8CB8-3BDFD70B59E8}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB9A5925-978E-4C64-8CB8-3BDFD70B59E8}" => pomyślnie usunięto
C:\Windows\System32\Tasks\burcz => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\burcz" => pomyślnie usunięto
nvvad_WaveExtensible => serwis nie znaleziono.
HKLM\System\CurrentControlSet\Services\nvvhci => pomyślnie usunięto
nvvhci => serwis pomyślnie usunięto
HKU\S-1-5-21-114268704-1918710269-250376416-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145} => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F85E41A3-98AF-41FB-8DD7-C1280A8C9E29}D:\programy\fifa 20\fifa20.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{44DB664E-C356-480F-81BB-DAFF2ED6B779}D:\programy\fifa 20\fifa20.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{75DDBF28-B218-42F9-ACA8-2C515F3D57C8}C:\users\burcz\appdata\local\temp\7zs5155\enterprisedu.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{04941B44-B8F1-444A-8BE2-EA6335488257}C:\users\burcz\appdata\local\temp\7zs5155\enterprisedu.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{353236E6-E446-4AD3-98FA-BDA3E6BF9E11}" => pomyślnie usunięto

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 176796689 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 12770882 B
Edge => 880073 B
Firefox => 186742439 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 182142 B
burcz => 36504434 B

RecycleBin => 0 B
EmptyTemp: => 402.5 MB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec  Fixlog 20:40:02 ====