Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 06-10-2023
Uruchomiony przez apiec (18-10-2023 11:23:02) Run:1
Uruchomiony z C:\Users\apiec\Downloads\frst
Załadowane profile: apiec
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
File: C:\Users\apiec\Program.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA
HKU\S-1-5-21-3316565980-1593576605-2437453199-1001\...\MountPoints2: {9fb291af-66a4-11ee-9e27-e8039a22a11f} - "E:\AutoRun.exe"
HKU\S-1-5-21-3316565980-1593576605-2437453199-1001\...\MountPoints2: {9fb29264-66a4-11ee-9e27-e8039a22a11f} - "E:\AutoRun.exe"
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
Task: {508D2BC7-827B-44DD-9CDB-B97092340ACA} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5329808 2023-10-15] (Microsoft Windows -> Microsoft Corporation)
Tcpip\..\Interfaces\{45f73f01-4f1a-4466-8e7d-6f3c1e5633da}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{7c0972cc-b49e-4e77-9dd6-f3f3afaf8c7a}: [NameServer] 194.204.159.1 194.204.152.34
2023-10-09 14:52 - 2023-10-09 14:52 - 000003656 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-10-08 20:08 - 2023-10-08 20:08 - 000000266 __RSH C:\ProgramData\ntuser.pol
CustomCLSID: HKU\S-1-5-21-3316565980-1593576605-2437453199-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => Brak pliku
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
FirewallRules: [UDP Query User{46C1AFAB-F05E-42DB-8A97-CFC6357063F5}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => Brak pliku
FirewallRules: [TCP Query User{EF5626A6-C9D9-42D8-9C80-C18FFF2923C9}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => Brak pliku
FirewallRules: [{F65204B4-D74B-44C0-AF7B-4DB96ED8EE40}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => Brak pliku
FirewallRules: [{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Brak pliku
FirewallRules: [{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Brak pliku
FirewallRules: [{01DF0815-250E-4BEF-A399-C43432F6D46B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Brak pliku
FirewallRules: [{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Brak pliku
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore => pomyślnie usunięto
SystemRestore: On => ukończone
Punkt przywracania został pomyślnie utworzony.
Procesy zostały pomyślnie zamknięte.

========================= File: C:\Users\apiec\Program.exe ========================

C:\Users\apiec\Program.exe
Brak podpisu cyfrowego
MD5: 205FD7857C5DFADEFB727A6A919DB1CC
Data utworzenia i modyfikacji: 2022-07-17 18:00 - 2022-07-17 18:00
Rozmiar: 000003584
Atrybuty: ----A
Firma:
Wewnętrzna nazwa: Program.exe
Oryginalna nazwa: Program.exe
Produkt:
Opis:
Plik Wersja: 0.0.0.0
Produkt Wersja: 0.0.0.0
Prawa autorskie:
VirusTotal: 0

====== Koniec File: ======

HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => pomyślnie usunięto
HKU\S-1-5-21-3316565980-1593576605-2437453199-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fb291af-66a4-11ee-9e27-e8039a22a11f} => pomyślnie usunięto
HKU\S-1-5-21-3316565980-1593576605-2437453199-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fb29264-66a4-11ee-9e27-e8039a22a11f} => pomyślnie usunięto

"C:\WINDOWS\system32\GroupPolicy\Machine" folder - przenoszenie:
C:\WINDOWS\system32\GroupPolicy\Machine => pomyślnie przeniesiono
C:\WINDOWS\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
C:\ProgramData\NTUSER.pol => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{508D2BC7-827B-44DD-9CDB-B97092340ACA}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{508D2BC7-827B-44DD-9CDB-B97092340ACA}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateExplorerShellUnelevatedTask" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{45f73f01-4f1a-4466-8e7d-6f3c1e5633da}\\DhcpNameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7c0972cc-b49e-4e77-9dd6-f3f3afaf8c7a}\\NameServer" => pomyślnie usunięto
"C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask" => nie znaleziono
"C:\ProgramData\ntuser.pol" => nie znaleziono
HKU\S-1-5-21-3316565980-1593576605-2437453199-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000} => pomyślnie usunięto
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => pomyślnie usunięto
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => pomyślnie usunięto
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => pomyślnie usunięto
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{46C1AFAB-F05E-42DB-8A97-CFC6357063F5}C:\program files\unity hub\unity hub.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EF5626A6-C9D9-42D8-9C80-C18FFF2923C9}C:\program files\unity hub\unity hub.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F65204B4-D74B-44C0-AF7B-4DB96ED8EE40}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01DF0815-250E-4BEF-A399-C43432F6D46B}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}" => pomyślnie usunięto

=========== EmptyTemp: ==========

FlushDNS => ukończone
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10537491 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 95923181 B
Edge => 0 B
Firefox => 1181588331 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7338 B
NetworkService => 14414 B
apiec => 34775071 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB danych tymczasowych Usunięto.

================================

System wymagał restartu.

==== Koniec Fixlog 11:24:49 ====