Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 05-02-2022 Uruchomiony przez User (11-02-2022 13:48:07) Run:1 Uruchomiony z C:\Users\User\Desktop Załadowane profile: User Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CreateRestorePoint: CloseProcesses: EmptyTemp: HKLM-x32\...\Run: [] => [X] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-3523282509-3217289012-4007729472-1001\...\Run: [electron.app.dllservices] => C:\Users\User\AppData\Roaming\.dllbackups\dllservices.exe [63160117 2022-02-10] (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] <==== UWAGA HKU\S-1-5-21-3523282509-3217289012-4007729472-1001\...\Run: [electron.app.services] => C:\Users\User\AppData\Roaming\.dllbackups\dllservices.exe [63160117 2022-02-10] (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] <==== UWAGA GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Brak pliku) Tcpip\..\Interfaces\{7e4d53b7-0f74-4a37-b5a4-b52a0428fd33}: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{9987d439-fec0-4da0-94ba-baa035854d6c}: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{e9f3991e-933b-4b28-95d2-a92c0ab78319}: [DhcpNameServer] 172.20.10.1 FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Brak pliku] S3 Driver; \??\C:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\driver-x64.sys [X] S1 ohpzxbym; \??\C:\WINDOWS\system32\drivers\ohpzxbym.sys [X] S1 opkpwxdh; \??\C:\WINDOWS\system32\drivers\opkpwxdh.sys [X] S3 WinRing0_1_2_0; \??\C:\Users\User\AppData\Roaming\.dllbackups\data\modules\dll-host\res\openhardwaremonitor\OpenHardwareMonitorLib.sys [X] S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] Błąd podczas odczytu pliku: "C:\WINDOWS\SECOH-QAD.exe" Błąd podczas odczytu pliku: "C:\WINDOWS\SECOH-QAD.dll" 2022-02-11 10:52 - 2021-12-07 09:25 - 000000000 ____D C:\Users\User\AppData\Roaming\dll-propagation 2022-02-11 10:41 - 2021-10-04 15:29 - 000000000 ____D C:\Program Files\KMSpico 2022-02-11 07:54 - 2021-12-07 09:23 - 000000000 ___HD C:\Users\User\AppData\Roaming\.dllbackups 2022-02-10 16:42 - 2021-12-07 09:23 - 000000000 ____D C:\Users\User\AppData\Roaming\dllservices 2022-02-05 17:09 - 2022-02-11 10:36 - 000000382 _____ () C:\Users\User\AppData\Local\rtb.json 2022-02-05 17:09 - 2022-02-11 12:05 - 000013103 _____ () C:\Users\User\AppData\Local\rtb.log CustomCLSID: HKU\S-1-5-21-3523282509-3217289012-4007729472-1001_Classes\CLSID\{23aaa06e-abab-4e7e-a0ac-6982ed6a6041}\localserver32 -> C:\Users\User\AppData\Local\GamerHash\GamerHashLauncher.exe => Brak pliku AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63] AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63] AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = FirewallRules: [UDP Query User{501A41A3-C2D9-46EE-8BC0-E0899F38009E}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe] => (Allow) C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe => Brak pliku FirewallRules: [TCP Query User{88731D05-AC78-493F-9917-16757E542CCC}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe] => (Allow) C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe => Brak pliku FirewallRules: [UDP Query User{701ECF4E-B1C1-4376-908A-7D58840EAFF2}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe] => (Allow) C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe => Brak pliku FirewallRules: [TCP Query User{570C2514-425E-4B4A-AA2D-1F95C964208F}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe] => (Allow) C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe => Brak pliku FirewallRules: [UDP Query User{F9B90AAD-7D53-45D3-B87A-7774F2233D0F}E:\apki\ctf 2.5\program\clickteam fusion developer\mmf2u.exe] => (Allow) E:\apki\ctf 2.5\program\clickteam fusion developer\mmf2u.exe => Brak pliku FirewallRules: [TCP Query User{39360310-80E2-44E5-956C-CDA15AD948C6}E:\apki\ctf 2.5\program\clickteam fusion developer\mmf2u.exe] => (Allow) E:\apki\ctf 2.5\program\clickteam fusion developer\mmf2u.exe => Brak pliku FirewallRules: [UDP Query User{FD9708B1-43EF-4D5C-97B8-931293448C8D}C:\users\user\desktop\jdk-17\bin\java.exe] => (Allow) C:\users\user\desktop\jdk-17\bin\java.exe => Brak pliku FirewallRules: [TCP Query User{5F21EBAE-FD98-42A0-B3BA-7520369075DF}C:\users\user\desktop\jdk-17\bin\java.exe] => (Allow) C:\users\user\desktop\jdk-17\bin\java.exe => Brak pliku FirewallRules: [UDP Query User{DE4ADC99-1226-413D-B31E-9A2001F0F73B}C:\program files\maxon cinema 4d r23\cinema 4d team render client.exe] => (Allow) C:\program files\maxon cinema 4d r23\cinema 4d team render client.exe => Brak pliku FirewallRules: [TCP Query User{4495AB43-9B8E-4167-BE0A-411FE37DABD7}C:\program files\maxon cinema 4d r23\cinema 4d team render client.exe] => (Allow) C:\program files\maxon cinema 4d r23\cinema 4d team render client.exe => Brak pliku FirewallRules: [UDP Query User{D0AFB5C1-33CE-4F5F-82E0-8A4B691465FF}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe] => (Allow) C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe => Brak pliku FirewallRules: [TCP Query User{F8314E23-3E17-4CDE-8427-529731809E67}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe] => (Allow) C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe => Brak pliku FirewallRules: [UDP Query User{E293104D-9AFA-4E75-B3BB-8F1A7053C3B4}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe] => (Allow) C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe => Brak pliku FirewallRules: [TCP Query User{F2DD5963-1250-426E-96DA-CB9C5B86961C}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe] => (Allow) C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe => Brak pliku FirewallRules: [UDP Query User{B012531B-9E65-4553-A716-A89F9603177B}C:\program files\java\jre1.8.0_301\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_301\bin\javaw.exe FirewallRules: [TCP Query User{4DBB6A5D-8DA0-4F83-AC5F-90E68D16216F}C:\program files\java\jre1.8.0_301\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_301\bin\javaw.exe FirewallRules: [UDP Query User{ED307006-9814-4A8E-8E17-676DD0641EB7}C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh] => (Block) C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh => Brak pliku FirewallRules: [TCP Query User{48E9570D-9382-4AF6-A0EE-EC6D549A40BD}C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh] => (Block) C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh => Brak pliku FirewallRules: [{A9D6E5BB-FD3E-45D9-9DDE-93507FE9DBEE}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku FirewallRules: [{024BAD9E-AD18-49E9-92F5-528A67E35B98}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku FirewallRules: [UDP Query User{3393B132-9D02-41EE-9C1E-877CF4583AAC}C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh => Brak pliku FirewallRules: [TCP Query User{745892AF-149A-428D-BC28-2E77F917E20D}C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh => Brak pliku FirewallRules: [UDP Query User{2DE373FD-E225-4983-A26A-49A8BAAAA582}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh => Brak pliku FirewallRules: [TCP Query User{240065AC-E75B-4B76-9F26-664A8DD41FD7}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh => Brak pliku FirewallRules: [UDP Query User{A4B54DFE-3FCE-46CE-8B7D-98FE9585CB49}C:\users\user\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\user\appdata\roaming\utorrent web\utweb.exe => Brak pliku FirewallRules: [TCP Query User{6B525439-A120-4C68-A800-5F9FA6A4878F}C:\users\user\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\user\appdata\roaming\utorrent web\utweb.exe => Brak pliku FirewallRules: [UDP Query User{71093A46-4056-4CC3-8589-844D6B59BACF}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh => Brak pliku FirewallRules: [TCP Query User{527D9B8E-0AFA-417B-97B4-3736644E8763}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh => Brak pliku FirewallRules: [UDP Query User{130B6DDD-FA7C-46AB-A58A-09F2E228FF04}C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh => Brak pliku FirewallRules: [TCP Query User{B0D75025-0DA6-41B5-9ED9-A36EDDAD3FE5}C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh => Brak pliku FirewallRules: [UDP Query User{F0B508BB-E940-4673-92F3-94E57A741EEF}C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh => Brak pliku FirewallRules: [TCP Query User{4FC50C0E-4DD9-485E-8B55-B6977F5DB465}C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh => Brak pliku FirewallRules: [UDP Query User{AA8F7066-D69C-4389-8CAA-F0B2A01C0DAD}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh => Brak pliku FirewallRules: [TCP Query User{D165342A-9864-43FF-B0E6-5E1931A1ABED}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh => Brak pliku FirewallRules: [TCP Query User{CF4EAC89-F116-44B5-A113-A444EB1E99A1}C:\users\user\downloads\anydesk.exe] => (Allow) C:\users\user\downloads\anydesk.exe => Brak pliku FirewallRules: [UDP Query User{F8914973-A53E-42F2-8A3C-A1FAC93BDEA5}C:\users\user\downloads\anydesk.exe] => (Allow) C:\users\user\downloads\anydesk.exe => Brak pliku FirewallRules: [TCP Query User{C0042CAA-8245-45D1-8663-28B273855C9A}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh => Brak pliku FirewallRules: [UDP Query User{C0947227-82E4-4DA0-B4C8-21042D7762C1}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh] => (Allow) C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh => Brak pliku FirewallRules: [TCP Query User{8CA7A844-0484-4951-A2F3-500E097A2872}C:\users\user\desktop\kosz\tajne\torrenty\clickteam fusion 2.5 + dlc\mmf2u.exe] => (Allow) C:\users\user\desktop\kosz\tajne\torrenty\clickteam fusion 2.5 + dlc\mmf2u.exe => Brak pliku FirewallRules: [UDP Query User{681BE1A4-6855-4D9D-9E5B-09D4CD61C7E6}C:\users\user\desktop\kosz\tajne\torrenty\clickteam fusion 2.5 + dlc\mmf2u.exe] => (Allow) C:\users\user\desktop\kosz\tajne\torrenty\clickteam fusion 2.5 + dlc\mmf2u.exe => Brak pliku FirewallRules: [TCP Query User{B1646CA2-039F-440A-BBAD-869BCBD62118}C:\users\user\appdata\local\temp\rar$exb10688.339\data\fl studio\local\stubexe\0x792b58e9345e2b21\chrome.exe] => (Block) C:\users\user\appdata\local\temp\rar$exb10688.339\data\fl studio\local\stubexe\0x792b58e9345e2b21\chrome.exe => Brak pliku FirewallRules: [UDP Query User{CECB9928-13AD-433A-92A2-1F20F904341B}C:\users\user\appdata\local\temp\rar$exb10688.339\data\fl studio\local\stubexe\0x792b58e9345e2b21\chrome.exe] => (Block) C:\users\user\appdata\local\temp\rar$exb10688.339\data\fl studio\local\stubexe\0x792b58e9345e2b21\chrome.exe => Brak pliku FirewallRules: [TCP Query User{71697F38-09FD-4F23-940D-FBD0A1550CCC}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe] => (Block) C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe => Brak pliku FirewallRules: [UDP Query User{A2BC38BD-EC89-4DB1-ABEF-5F9AAD72F145}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe] => (Block) C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe => Brak pliku FirewallRules: [TCP Query User{41214BB0-3947-4924-865D-800482C9BD7B}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe] => (Block) C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe => Brak pliku FirewallRules: [UDP Query User{597B2038-F1E5-4410-8C16-0122B8FE8C6B}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe] => (Block) C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe => Brak pliku FirewallRules: [TCP Query User{9F71D1E6-1196-4756-826A-72CF444333A9}C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe] => (Block) C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe (Microsoft Corporation) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{F23ED5D5-33CC-4288-BC9B-D0C02EF260CC}C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe] => (Block) C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe (Microsoft Corporation) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{FF8DE220-A51B-437C-A925-855B80EB961F}C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe] => (Block) C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe (Microsoft Corporation) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{1F8AB7AF-9172-4002-979E-4ACE7BDA0BA6}C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe] => (Block) C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe (Microsoft Corporation) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{D5A155B4-A151-45B0-A1D8-9E8BBC3DB39D}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix\antimalware service executable.exe] => (Block) C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix\antimalware service executable.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{6417A815-ADDC-4794-9E4E-6117C22926DC}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix\antimalware service executable.exe] => (Block) C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix\antimalware service executable.exe () [Brak podpisu cyfrowego] RemoveProxy: Hosts: ***************** Punkt przywracania został pomyślnie utworzony. Procesy zostały pomyślnie zamknięte. "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => pomyślnie usunięto HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => pomyślnie usunięto "HKU\S-1-5-21-3523282509-3217289012-4007729472-1001\Software\Microsoft\Windows\CurrentVersion\Run\\electron.app.dllservices" => pomyślnie usunięto "HKU\S-1-5-21-3523282509-3217289012-4007729472-1001\Software\Microsoft\Windows\CurrentVersion\Run\\electron.app.services" => pomyślnie usunięto C:\WINDOWS\system32\GroupPolicy\Machine => pomyślnie przeniesiono C:\WINDOWS\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono C:\ProgramData\NTUSER.pol => pomyślnie przeniesiono HKLM\SOFTWARE\Policies\Mozilla => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7e4d53b7-0f74-4a37-b5a4-b52a0428fd33}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9987d439-fec0-4da0-94ba-baa035854d6c}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{e9f3991e-933b-4b28-95d2-a92c0ab78319}\\DhcpNameServer" => pomyślnie usunięto HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => pomyślnie usunięto HKLM\System\CurrentControlSet\Services\Driver => pomyślnie usunięto Driver => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\ohpzxbym => pomyślnie usunięto ohpzxbym => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\opkpwxdh => pomyślnie usunięto opkpwxdh => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\WinRing0_1_2_0 => pomyślnie usunięto WinRing0_1_2_0 => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\WinSetupMon => pomyślnie usunięto WinSetupMon => serwis pomyślnie usunięto Błąd podczas odczytu pliku: "C:\WINDOWS\SECOH-QAD.exe" => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia. Błąd podczas odczytu pliku: "C:\WINDOWS\SECOH-QAD.dll" => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia. C:\Users\User\AppData\Roaming\dll-propagation => pomyślnie przeniesiono C:\Program Files\KMSpico => pomyślnie przeniesiono C:\Users\User\AppData\Roaming\.dllbackups => pomyślnie przeniesiono C:\Users\User\AppData\Roaming\dllservices => pomyślnie przeniesiono C:\Users\User\AppData\Local\rtb.json => pomyślnie przeniesiono C:\Users\User\AppData\Local\rtb.log => pomyślnie przeniesiono HKU\S-1-5-21-3523282509-3217289012-4007729472-1001_Classes\CLSID\{23aaa06e-abab-4e7e-a0ac-6982ed6a6041} => pomyślnie usunięto C:\WINDOWS\SysWOW64\zlib.dll => ":DocumentSummaryInformation" ADS pomyślnie usunięto C:\WINDOWS\SysWOW64\zlib.dll => ":SummaryInformation" ADS pomyślnie usunięto C:\WINDOWS\SysWOW64\zlib.dll => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS pomyślnie usunięto HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{501A41A3-C2D9-46EE-8BC0-E0899F38009E}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{88731D05-AC78-493F-9917-16757E542CCC}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{701ECF4E-B1C1-4376-908A-7D58840EAFF2}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{570C2514-425E-4B4A-AA2D-1F95C964208F}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F9B90AAD-7D53-45D3-B87A-7774F2233D0F}E:\apki\ctf 2.5\program\clickteam fusion developer\mmf2u.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{39360310-80E2-44E5-956C-CDA15AD948C6}E:\apki\ctf 2.5\program\clickteam fusion developer\mmf2u.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FD9708B1-43EF-4D5C-97B8-931293448C8D}C:\users\user\desktop\jdk-17\bin\java.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5F21EBAE-FD98-42A0-B3BA-7520369075DF}C:\users\user\desktop\jdk-17\bin\java.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DE4ADC99-1226-413D-B31E-9A2001F0F73B}C:\program files\maxon cinema 4d r23\cinema 4d team render client.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4495AB43-9B8E-4167-BE0A-411FE37DABD7}C:\program files\maxon cinema 4d r23\cinema 4d team render client.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D0AFB5C1-33CE-4F5F-82E0-8A4B691465FF}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F8314E23-3E17-4CDE-8427-529731809E67}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\tools\steam workshop tool\steam workshop tool.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E293104D-9AFA-4E75-B3BB-8F1A7053C3B4}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F2DD5963-1250-426E-96DA-CB9C5B86961C}C:\users\user\desktop\kosz\tajne\clickteam fusion 2.5 + dlc r292.22\mmf2u.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B012531B-9E65-4553-A716-A89F9603177B}C:\program files\java\jre1.8.0_301\bin\javaw.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4DBB6A5D-8DA0-4F83-AC5F-90E68D16216F}C:\program files\java\jre1.8.0_301\bin\javaw.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{ED307006-9814-4A8E-8E17-676DD0641EB7}C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{48E9570D-9382-4AF6-A0EE-EC6D549A40BD}C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A9D6E5BB-FD3E-45D9-9DDE-93507FE9DBEE}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{024BAD9E-AD18-49E9-92F5-528A67E35B98}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3393B132-9D02-41EE-9C1E-877CF4583AAC}C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{745892AF-149A-428D-BC28-2E77F917E20D}C:\users\user\appdata\local\gamerhash\miners\gminer_v10\miner.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2DE373FD-E225-4983-A26A-49A8BAAAA582}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{240065AC-E75B-4B76-9F26-664A8DD41FD7}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A4B54DFE-3FCE-46CE-8B7D-98FE9585CB49}C:\users\user\appdata\roaming\utorrent web\utweb.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6B525439-A120-4C68-A800-5F9FA6A4878F}C:\users\user\appdata\roaming\utorrent web\utweb.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{71093A46-4056-4CC3-8589-844D6B59BACF}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{527D9B8E-0AFA-417B-97B4-3736644E8763}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{130B6DDD-FA7C-46AB-A58A-09F2E228FF04}C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B0D75025-0DA6-41B5-9ED9-A36EDDAD3FE5}C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F0B508BB-E940-4673-92F3-94E57A741EEF}C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4FC50C0E-4DD9-485E-8B55-B6977F5DB465}C:\users\user\appdata\local\gamerhash\miners\gminer_v8\miner.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AA8F7066-D69C-4389-8CAA-F0B2A01C0DAD}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D165342A-9864-43FF-B0E6-5E1931A1ABED}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v2\nanominer.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CF4EAC89-F116-44B5-A113-A444EB1E99A1}C:\users\user\downloads\anydesk.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F8914973-A53E-42F2-8A3C-A1FAC93BDEA5}C:\users\user\downloads\anydesk.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C0042CAA-8245-45D1-8663-28B273855C9A}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C0947227-82E4-4DA0-B4C8-21042D7762C1}C:\users\user\appdata\local\gamerhash\miners\nanominer_11_v4\nanominer.gh" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8CA7A844-0484-4951-A2F3-500E097A2872}C:\users\user\desktop\kosz\tajne\torrenty\clickteam fusion 2.5 + dlc\mmf2u.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{681BE1A4-6855-4D9D-9E5B-09D4CD61C7E6}C:\users\user\desktop\kosz\tajne\torrenty\clickteam fusion 2.5 + dlc\mmf2u.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B1646CA2-039F-440A-BBAD-869BCBD62118}C:\users\user\appdata\local\temp\rar$exb10688.339\data\fl studio\local\stubexe\0x792b58e9345e2b21\chrome.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CECB9928-13AD-433A-92A2-1F20F904341B}C:\users\user\appdata\local\temp\rar$exb10688.339\data\fl studio\local\stubexe\0x792b58e9345e2b21\chrome.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{71697F38-09FD-4F23-940D-FBD0A1550CCC}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A2BC38BD-EC89-4DB1-ABEF-5F9AAD72F145}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{41214BB0-3947-4924-865D-800482C9BD7B}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{597B2038-F1E5-4410-8C16-0122B8FE8C6B}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9F71D1E6-1196-4756-826A-72CF444333A9}C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F23ED5D5-33CC-4288-BC9B-D0C02EF260CC}C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FF8DE220-A51B-437C-A925-855B80EB961F}C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1F8AB7AF-9172-4002-979E-4ACE7BDA0BA6}C:\users\user\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D5A155B4-A151-45B0-A1D8-9E8BBC3DB39D}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix\antimalware service executable.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6417A815-ADDC-4794-9E4E-6117C22926DC}C:\users\user\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix\antimalware service executable.exe" => pomyślnie usunięto ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto "HKU\S-1-5-21-3523282509-3217289012-4007729472-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\S-1-5-21-3523282509-3217289012-4007729472-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto ========= Koniec RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono Hosts pomyślnie przywrócono. =========== EmptyTemp: ========== BITS transfer queue => 1310720 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 313650067 B Java, Flash, Steam htmlcache => 498467152 B Windows/system/drivers => 14816848 B Edge => 0 B Chrome => 1520434882 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 5832256 B systemprofile32 => 5961332 B LocalService => 5985038 B NetworkService => 6028290 B User => 706650521 B Tobiasz => 712625796 B RecycleBin => 27104209785 B EmptyTemp: => 28.8 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 13:51:52 ====