Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 30-06-2020 Uruchomiony przez greh2 (03-07-2020 20:04:24) Run:1 Uruchomiony z C:\Users\greh2\Desktop Załadowane profile: greh2 Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: EmptyTemp: File: C:\Windows\system32\winlogui.exe VirusTotal: C:\Windows\system32\svchost.exe VirusTotal: C:\Windows\SysWOW64\svchost.exe HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-2327329111-4195501157-308640029-1002\...\MountPoints2: {2e0602f4-2d6d-11ea-8a5b-f0761c17580f} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2327329111-4195501157-308640029-1002\...\MountPoints2: {967e991c-40dd-11ea-8a5e-f0761c17580f} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> Task: {18A349FE-6384-4B4C-84C6-24338949AE0A} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== UWAGA Task: {5C4C2529-FC92-4E79-9442-BADD7B8D74DB} - System32\Tasks\Opera scheduled Autoupdate 1577790336 => C:\Users\greh2\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-06-18] (Opera Software AS -> Opera Software) Task: {8075763C-7BFD-49DF-86A4-AED1A6EBFFB9} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\Windows\system32\winrmsrv.exe [731136 2020-06-27] (Microsoft Corporation) [Brak podpisu cyfrowego] <==== UWAGA Task: {9A8680D3-ECEB-4584-834A-D77D3D9D4446} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== UWAGA Task: {D6BB9E81-A65D-481E-8A9D-DF93403927B3} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => C:\Windows\system32\winlogui.exe [750592 2020-06-27] (Microsoft Corporation) [Brak podpisu cyfrowego] Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe Tcpip\..\Interfaces\{a99d9f13-2466-4947-8a72-a329a1cd9562}: [DhcpNameServer] 31.11.202.254 37.8.214.2 Tcpip\..\Interfaces\{b5992ae6-2b56-4381-8039-754991138cb1}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{b5992ae6-2b56-4381-8039-754991138cb1}: [DhcpNameServer] 31.11.202.254 37.8.214.2 Tcpip\..\Interfaces\{dd324703-f371-4de2-b6c6-13ad850bdcd9}: [DhcpNameServer] 31.11.202.254 37.8.214.2 S2 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== UWAGA (Brak ServiceDLL) S2 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== UWAGA (Brak ServiceDLL) S2 QHActiveDefense; "C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe" [X] S3 QHProtected; "C:\Program Files (x86)\360\Total Security\safemon\WscReg.exe" [X] 2020-06-22 14:00 - 2019-12-31 13:05 - 000004248 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1577790336 ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll -> Brak pliku ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll -> Brak pliku FirewallRules: [TCP Query User{15300500-C747-40F4-B055-94A76B3E036F}C:\users\greh2\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\65.0.3467.78\opera.exe => Brak pliku FirewallRules: [UDP Query User{9E838389-9C41-4F85-AB35-030FF729228A}C:\users\greh2\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\65.0.3467.78\opera.exe => Brak pliku FirewallRules: [{8C571959-4E4E-4E7C-8D65-8C7115DBF81A}] => (Block) C:\users\greh2\appdata\local\programs\opera\65.0.3467.78\opera.exe => Brak pliku FirewallRules: [{21509E82-B96B-430D-A13B-202D723BA112}] => (Block) C:\users\greh2\appdata\local\programs\opera\65.0.3467.78\opera.exe => Brak pliku FirewallRules: [{3ABF7104-B363-453A-AC21-49DD40861E69}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe => Brak pliku FirewallRules: [{811E1F32-6328-44C9-8D58-77A61425250D}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe => Brak pliku FirewallRules: [TCP Query User{BBF8B65B-B8E9-4FFA-AFD2-B5ACD0D1D691}C:\users\greh2\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\66.0.3515.44\opera.exe => Brak pliku FirewallRules: [UDP Query User{7D0B1641-7AD9-4D5A-8205-E43A26BB6606}C:\users\greh2\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\66.0.3515.44\opera.exe => Brak pliku FirewallRules: [{3313A3DF-56B0-4A2E-9EFF-E0EC7697A182}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe => Brak pliku FirewallRules: [{260854DF-961F-4AE1-B7BA-97DECF34A46C}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe => Brak pliku FirewallRules: [TCP Query User{06AD7D9B-F1BC-4CA9-BF73-06B853008E7A}C:\users\greh2\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\66.0.3515.72\opera.exe => Brak pliku FirewallRules: [UDP Query User{2648CE49-D6D1-4FFD-AD5E-41D108D4A168}C:\users\greh2\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\66.0.3515.72\opera.exe => Brak pliku FirewallRules: [TCP Query User{290A562B-1E26-4B14-BDDF-571D69C652BE}C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe => Brak pliku FirewallRules: [UDP Query User{6FF004FE-ECAA-4FC9-AA15-B18DE72D2732}C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe => Brak pliku FirewallRules: [TCP Query User{22C5DC48-EC5F-4216-82F5-D68F054821F9}C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe => Brak pliku FirewallRules: [UDP Query User{6C671A26-B160-4E9D-B619-6EE692CB4C30}C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe => Brak pliku FirewallRules: [TCP Query User{DB7A2943-B13B-4634-8B47-41E89AA39840}C:\users\greh2\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\66.0.3515.115\opera.exe => Brak pliku FirewallRules: [UDP Query User{AE9A09B2-E254-4A23-95BC-3A7261F990C1}C:\users\greh2\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\66.0.3515.115\opera.exe => Brak pliku FirewallRules: [TCP Query User{BE677178-4F2D-403E-9583-25A331FE4383}C:\users\greh2\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\67.0.3575.53\opera.exe => Brak pliku FirewallRules: [UDP Query User{F9FCA29A-CFEC-4C0B-BB0C-ABFEAB8AF36A}C:\users\greh2\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\67.0.3575.53\opera.exe => Brak pliku FirewallRules: [{DBB0F38D-F37F-4972-BEE3-39083C9DCE90}] => (Block) C:\users\greh2\appdata\local\programs\opera\67.0.3575.53\opera.exe => Brak pliku FirewallRules: [{1DEF282D-F2C5-48B9-8A84-9CA3B849D532}] => (Block) C:\users\greh2\appdata\local\programs\opera\67.0.3575.53\opera.exe => Brak pliku FirewallRules: [{5C1A8DC9-1E6E-4AAD-9950-F453E01679AE}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe => Brak pliku FirewallRules: [{34742B64-C06F-46AE-A200-22C6DB1877D9}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe => Brak pliku FirewallRules: [TCP Query User{7DC2660D-3DFA-4D41-8991-EBC7D38AEF59}C:\users\greh2\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\67.0.3575.79\opera.exe => Brak pliku FirewallRules: [UDP Query User{99D0BF2B-CD2B-4ADB-8FF7-CD17DC8ABDB8}C:\users\greh2\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\67.0.3575.79\opera.exe => Brak pliku FirewallRules: [{4420F4D1-032B-4DD7-8F92-1A1A0861148C}] => (Block) C:\users\greh2\appdata\local\programs\opera\67.0.3575.79\opera.exe => Brak pliku FirewallRules: [{F55766F8-1882-476B-BA39-8C1E20406B9E}] => (Block) C:\users\greh2\appdata\local\programs\opera\67.0.3575.79\opera.exe => Brak pliku FirewallRules: [TCP Query User{2171C184-E4C4-4B87-BFF3-D2DD5581B2C8}C:\users\greh2\appdata\local\programs\opera\67.0.3575.97\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\67.0.3575.97\opera.exe => Brak pliku FirewallRules: [UDP Query User{7341499A-778B-4C5B-A74D-286736C316FB}C:\users\greh2\appdata\local\programs\opera\67.0.3575.97\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\67.0.3575.97\opera.exe => Brak pliku FirewallRules: [{43E31EDD-BF21-4342-A480-6F21929258B7}] => (Block) C:\users\greh2\appdata\local\programs\opera\67.0.3575.97\opera.exe => Brak pliku FirewallRules: [{59D4ACA8-5F67-44EE-BF5D-4DA082B28B7C}] => (Block) C:\users\greh2\appdata\local\programs\opera\67.0.3575.97\opera.exe => Brak pliku FirewallRules: [TCP Query User{7170341D-A26F-406D-84B3-61BA6425A967}C:\users\greh2\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\67.0.3575.115\opera.exe => Brak pliku FirewallRules: [UDP Query User{52E51FBE-48B9-49E3-9250-38B7435B7F5C}C:\users\greh2\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\67.0.3575.115\opera.exe => Brak pliku FirewallRules: [{CE84137F-FC48-45BE-85D5-A9C77CAA9644}] => (Block) C:\users\greh2\appdata\local\programs\opera\67.0.3575.115\opera.exe => Brak pliku FirewallRules: [{0D02E9B7-E0E6-4515-958B-52F52298EA3B}] => (Block) C:\users\greh2\appdata\local\programs\opera\67.0.3575.115\opera.exe => Brak pliku FirewallRules: [{9EB7CC52-67A2-42E4-89F0-BBD6E25ADD0A}] => (Allow) C:\Users\greh2\AppData\Roaming\Zoom\bin\airhost.exe => Brak pliku FirewallRules: [TCP Query User{2B57E6E0-3F7C-4459-A5BC-EB85146D6EF6}C:\users\greh2\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\67.0.3575.137\opera.exe => Brak pliku FirewallRules: [UDP Query User{1358E5C7-50B8-4746-96F2-EFAC6B39FDDC}C:\users\greh2\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\67.0.3575.137\opera.exe => Brak pliku FirewallRules: [{233DA749-0E9C-4626-BDA3-A1B784188E17}] => (Block) C:\users\greh2\appdata\local\programs\opera\67.0.3575.137\opera.exe => Brak pliku FirewallRules: [{BE16CE34-33D1-4050-9913-9C0CF0A7B57B}] => (Block) C:\users\greh2\appdata\local\programs\opera\67.0.3575.137\opera.exe => Brak pliku FirewallRules: [TCP Query User{8B59A434-E89F-494C-9A36-670DD6CB521E}C:\users\greh2\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\68.0.3618.63\opera.exe => Brak pliku FirewallRules: [UDP Query User{365ABE62-0523-4331-B58A-35E2558CD6FE}C:\users\greh2\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\68.0.3618.63\opera.exe => Brak pliku FirewallRules: [{27C0C90F-B12A-44CA-AA93-45E2CBEE8367}] => (Block) C:\users\greh2\appdata\local\programs\opera\68.0.3618.63\opera.exe => Brak pliku FirewallRules: [{EAAD601A-AD9E-469A-B8DA-18FA7A4F8D85}] => (Block) C:\users\greh2\appdata\local\programs\opera\68.0.3618.63\opera.exe => Brak pliku FirewallRules: [TCP Query User{1A6E08C0-355F-4773-B102-41D467C7C963}C:\users\greh2\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\68.0.3618.104\opera.exe => Brak pliku FirewallRules: [UDP Query User{B90A05C6-D83F-4235-8CBD-5B93553ABF74}C:\users\greh2\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\68.0.3618.104\opera.exe => Brak pliku FirewallRules: [{C8FF3A9C-C46E-4F78-B2BC-B26854F3B9CC}] => (Block) C:\users\greh2\appdata\local\programs\opera\68.0.3618.104\opera.exe => Brak pliku FirewallRules: [{DB295E5E-1CCE-4F46-AA42-7231A89578C2}] => (Block) C:\users\greh2\appdata\local\programs\opera\68.0.3618.104\opera.exe => Brak pliku FirewallRules: [TCP Query User{FEA785A3-1E6C-4FE3-A17A-D5E72456B5CD}C:\users\greh2\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\68.0.3618.125\opera.exe => Brak pliku FirewallRules: [UDP Query User{81778D22-0FB4-4AF0-8041-51BEAE72B10D}C:\users\greh2\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\68.0.3618.125\opera.exe => Brak pliku FirewallRules: [{04AFC5ED-CAF2-4EFB-8250-AA5D351766D6}] => (Block) C:\users\greh2\appdata\local\programs\opera\68.0.3618.125\opera.exe => Brak pliku FirewallRules: [{A11DF1A6-9D31-4402-B5A3-F56E361E3285}] => (Block) C:\users\greh2\appdata\local\programs\opera\68.0.3618.125\opera.exe => Brak pliku FirewallRules: [{C1C37B2A-1D54-40C2-AAB5-F39AA49838DA}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe => Brak pliku FirewallRules: [{B3534147-DCFB-44BF-8289-5FED748F54E9}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe => Brak pliku FirewallRules: [{D7F92922-DD5F-4DCC-A649-F64CC6F5105F}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe => Brak pliku FirewallRules: [{FBF7E768-1CFC-40EB-ACA6-2A69A9519D8E}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe => Brak pliku RemoveProxy: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. ========================= File: C:\Windows\system32\winlogui.exe ======================== C:\Windows\system32\winlogui.exe Brak podpisu cyfrowego MD5: FB9F4EB58354E9D3D6B7F84F5D12B639 Data utworzenia i modyfikacji: 2020-06-26 06:53 - 2020-06-27 17:32 Rozmiar: 000750592 Atrybuty: ----A Firma: Microsoft Corporation Wewnętrzna nazwa: Oryginalna nazwa: winlogui.exe Produkt: Microsoft® Windows® Operating System Opis: Windows Logon GUI Application Plik Wersja: 10.0.18362.418 Produkt Wersja: 10.0.18362.418 Prawa autorskie: © Microsoft Corporation. All rights reserved. VirusTotal: https://www.virustotal.com/gui/file/91bfb82ed5c32979368eddcd34861b631926d2352d16adf189944c4ba8ccf4e1/detection/f-91bfb82ed5c32979368eddcd34861b631926d2352d16adf189944c4ba8ccf4e1-1593720806 ====== Koniec File: ====== VirusTotal: C:\Windows\system32\svchost.exe => https://www.virustotal.com/gui/file/dd191a5b23df92e12a8852291f9fb5ed594b76a28a5a464418442584afd1e048/detection/f-dd191a5b23df92e12a8852291f9fb5ed594b76a28a5a464418442584afd1e048-1593760630 VirusTotal: C:\Windows\SysWOW64\svchost.exe => https://www.virustotal.com/gui/file/5be0de7f915ba819d4ba048db7a2a87f6f3253fdd4865dc418181a0d6a031caa/detection/f-5be0de7f915ba819d4ba048db7a2a87f6f3253fdd4865dc418181a0d6a031caa-1593709188 "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => pomyślnie usunięto HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => pomyślnie usunięto HKU\S-1-5-21-2327329111-4195501157-308640029-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e0602f4-2d6d-11ea-8a5b-f0761c17580f} => pomyślnie usunięto HKU\S-1-5-21-2327329111-4195501157-308640029-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{967e991c-40dd-11ea-8a5e-f0761c17580f} => pomyślnie usunięto "HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18A349FE-6384-4B4C-84C6-24338949AE0A}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18A349FE-6384-4B4C-84C6-24338949AE0A}" => pomyślnie usunięto C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C4C2529-FC92-4E79-9442-BADD7B8D74DB}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C4C2529-FC92-4E79-9442-BADD7B8D74DB}" => pomyślnie usunięto C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1577790336 => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1577790336" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8075763C-7BFD-49DF-86A4-AED1A6EBFFB9}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8075763C-7BFD-49DF-86A4-AED1A6EBFFB9}" => pomyślnie usunięto C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\winrmsrv" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9A8680D3-ECEB-4584-834A-D77D3D9D4446}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A8680D3-ECEB-4584-834A-D77D3D9D4446}" => pomyślnie usunięto C:\Windows\System32\Tasks\Microsoft\Windows\WDI\SrvHost => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\SrvHost" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6BB9E81-A65D-481E-8A9D-DF93403927B3}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6BB9E81-A65D-481E-8A9D-DF93403927B3}" => pomyślnie usunięto C:\Windows\System32\Tasks\Microsoft\Windows\Wininet\Winlogui => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wininet\Winlogui" => pomyślnie usunięto C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => pomyślnie przeniesiono "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a99d9f13-2466-4947-8a72-a329a1cd9562}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b5992ae6-2b56-4381-8039-754991138cb1}\\NameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b5992ae6-2b56-4381-8039-754991138cb1}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{dd324703-f371-4de2-b6c6-13ad850bdcd9}\\DhcpNameServer" => pomyślnie usunięto HKLM\System\CurrentControlSet\Services\wuauserv => pomyślnie usunięto wuauserv => serwis pomyślnie usunięto wuauserv => serwis nie znaleziono. HKLM\System\CurrentControlSet\Services\QHActiveDefense => pomyślnie usunięto QHActiveDefense => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\QHProtected => pomyślnie usunięto QHProtected => serwis pomyślnie usunięto "C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1577790336" => nie znaleziono HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SD360 => pomyślnie usunięto HKLM\Software\Classes\CLSID\{086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => pomyślnie usunięto HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SD360 => pomyślnie usunięto HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => pomyślnie usunięto HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SD360 => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{15300500-C747-40F4-B055-94A76B3E036F}C:\users\greh2\appdata\local\programs\opera\65.0.3467.78\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9E838389-9C41-4F85-AB35-030FF729228A}C:\users\greh2\appdata\local\programs\opera\65.0.3467.78\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C571959-4E4E-4E7C-8D65-8C7115DBF81A}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21509E82-B96B-430D-A13B-202D723BA112}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3ABF7104-B363-453A-AC21-49DD40861E69}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{811E1F32-6328-44C9-8D58-77A61425250D}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BBF8B65B-B8E9-4FFA-AFD2-B5ACD0D1D691}C:\users\greh2\appdata\local\programs\opera\66.0.3515.44\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7D0B1641-7AD9-4D5A-8205-E43A26BB6606}C:\users\greh2\appdata\local\programs\opera\66.0.3515.44\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3313A3DF-56B0-4A2E-9EFF-E0EC7697A182}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{260854DF-961F-4AE1-B7BA-97DECF34A46C}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{06AD7D9B-F1BC-4CA9-BF73-06B853008E7A}C:\users\greh2\appdata\local\programs\opera\66.0.3515.72\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2648CE49-D6D1-4FFD-AD5E-41D108D4A168}C:\users\greh2\appdata\local\programs\opera\66.0.3515.72\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{290A562B-1E26-4B14-BDDF-571D69C652BE}C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6FF004FE-ECAA-4FC9-AA15-B18DE72D2732}C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{22C5DC48-EC5F-4216-82F5-D68F054821F9}C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6C671A26-B160-4E9D-B619-6EE692CB4C30}C:\users\greh2\appdata\local\programs\opera\66.0.3515.103\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DB7A2943-B13B-4634-8B47-41E89AA39840}C:\users\greh2\appdata\local\programs\opera\66.0.3515.115\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AE9A09B2-E254-4A23-95BC-3A7261F990C1}C:\users\greh2\appdata\local\programs\opera\66.0.3515.115\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BE677178-4F2D-403E-9583-25A331FE4383}C:\users\greh2\appdata\local\programs\opera\67.0.3575.53\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F9FCA29A-CFEC-4C0B-BB0C-ABFEAB8AF36A}C:\users\greh2\appdata\local\programs\opera\67.0.3575.53\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DBB0F38D-F37F-4972-BEE3-39083C9DCE90}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1DEF282D-F2C5-48B9-8A84-9CA3B849D532}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C1A8DC9-1E6E-4AAD-9950-F453E01679AE}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{34742B64-C06F-46AE-A200-22C6DB1877D9}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7DC2660D-3DFA-4D41-8991-EBC7D38AEF59}C:\users\greh2\appdata\local\programs\opera\67.0.3575.79\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{99D0BF2B-CD2B-4ADB-8FF7-CD17DC8ABDB8}C:\users\greh2\appdata\local\programs\opera\67.0.3575.79\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4420F4D1-032B-4DD7-8F92-1A1A0861148C}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F55766F8-1882-476B-BA39-8C1E20406B9E}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2171C184-E4C4-4B87-BFF3-D2DD5581B2C8}C:\users\greh2\appdata\local\programs\opera\67.0.3575.97\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7341499A-778B-4C5B-A74D-286736C316FB}C:\users\greh2\appdata\local\programs\opera\67.0.3575.97\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43E31EDD-BF21-4342-A480-6F21929258B7}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{59D4ACA8-5F67-44EE-BF5D-4DA082B28B7C}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7170341D-A26F-406D-84B3-61BA6425A967}C:\users\greh2\appdata\local\programs\opera\67.0.3575.115\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{52E51FBE-48B9-49E3-9250-38B7435B7F5C}C:\users\greh2\appdata\local\programs\opera\67.0.3575.115\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE84137F-FC48-45BE-85D5-A9C77CAA9644}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0D02E9B7-E0E6-4515-958B-52F52298EA3B}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9EB7CC52-67A2-42E4-89F0-BBD6E25ADD0A}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2B57E6E0-3F7C-4459-A5BC-EB85146D6EF6}C:\users\greh2\appdata\local\programs\opera\67.0.3575.137\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1358E5C7-50B8-4746-96F2-EFAC6B39FDDC}C:\users\greh2\appdata\local\programs\opera\67.0.3575.137\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{233DA749-0E9C-4626-BDA3-A1B784188E17}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BE16CE34-33D1-4050-9913-9C0CF0A7B57B}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8B59A434-E89F-494C-9A36-670DD6CB521E}C:\users\greh2\appdata\local\programs\opera\68.0.3618.63\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{365ABE62-0523-4331-B58A-35E2558CD6FE}C:\users\greh2\appdata\local\programs\opera\68.0.3618.63\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{27C0C90F-B12A-44CA-AA93-45E2CBEE8367}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EAAD601A-AD9E-469A-B8DA-18FA7A4F8D85}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1A6E08C0-355F-4773-B102-41D467C7C963}C:\users\greh2\appdata\local\programs\opera\68.0.3618.104\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B90A05C6-D83F-4235-8CBD-5B93553ABF74}C:\users\greh2\appdata\local\programs\opera\68.0.3618.104\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C8FF3A9C-C46E-4F78-B2BC-B26854F3B9CC}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB295E5E-1CCE-4F46-AA42-7231A89578C2}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FEA785A3-1E6C-4FE3-A17A-D5E72456B5CD}C:\users\greh2\appdata\local\programs\opera\68.0.3618.125\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{81778D22-0FB4-4AF0-8041-51BEAE72B10D}C:\users\greh2\appdata\local\programs\opera\68.0.3618.125\opera.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04AFC5ED-CAF2-4EFB-8250-AA5D351766D6}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A11DF1A6-9D31-4402-B5A3-F56E361E3285}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1C37B2A-1D54-40C2-AAB5-F39AA49838DA}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B3534147-DCFB-44BF-8289-5FED748F54E9}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D7F92922-DD5F-4DCC-A649-F64CC6F5105F}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FBF7E768-1CFC-40EB-ACA6-2A69A9519D8E}" => pomyślnie usunięto ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto "HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto "HKU\S-1-5-21-2327329111-4195501157-308640029-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\S-1-5-21-2327329111-4195501157-308640029-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto ========= Koniec RemoveProxy: ========= =========== EmptyTemp: ========== BITS transfer queue => 9199616 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 729959572 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 13093036 B Edge => 92337 B Chrome => 0 B Firefox => 1085610590 B Opera => 461635266 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 28030 B NetworkService => 28030 B greh2 => 57921012 B RecycleBin => 0 B EmptyTemp: => 2.2 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 20:05:45 ====