Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 21-07-2022 Uruchomiony przez Krystian (22-07-2022 00:46:27) Run:1 Uruchomiony z D:\Instalki Załadowane profile: Krystian Tryb startu: Normal ============================================== fixlist - zawartość: ***************** ̩CloseProcesses: CreateRestorePoint: Task: {CDCEA2C0-B72B-4BDF-999A-687D2B9A716F} - System32\Tasks\systemreset => powershell -EncodedCommand "PAAjAHkAdwB4ACMAPgAgAFMAdABhAHIAdAAtAFAAcgBvAGMAZQBzAHMAIAAtAEYAaQBsAGUAUABhAHQAaAAgACcAQwA6AFwAUAByAG8AZwByAGEAbQAgAEYAaQBsAGUAcwBcAFcAaQBuAGQAbwB3AHMATQBhAGwAdwBhAHIAZQBQAHIAbwB0AGUAYwB0AGkAbwBuAFwAYwBvAG4AZgBpAGcAXABzAHkAcwB0AGUAbQByAGUAcwBlAHQALgBlAHgAZQAnACAALQBWAGUAcgBiACAAUgB (dane wartości zawierają 34 znaków więcej). HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1801048 2022-07-05] (Overwolf Ltd -> Overwolf Ltd.) Task: {18169EAA-8C9A-4880-81F2-6AC454C590FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {88F3E88E-05EC-4CA9-AB7B-FA6D2BD05E93} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-07-05] (Overwolf Ltd -> Overwolf LTD) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Brak pliku) Tcpip\Parameters: [DhcpNameServer] 192.168.101.1 8.8.8.8 4.4.4.4 Tcpip\..\Interfaces\{87122869-6399-46f3-9d55-6a9ccadb6807}: [DhcpNameServer] 192.168.101.1 8.8.8.8 4.4.4.4 CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] C:\Users\Krystian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom CustomCLSID: HKU\S-1-5-21-3627326742-2376281256-4078815210-1001_Classes\CLSID\{3f5d0051-61b8-0f45-6166-996cfb4f914f}\localserver32 -> "C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe" -ToastActivated => Brak pliku CustomCLSID: HKU\S-1-5-21-3627326742-2376281256-4078815210-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\Krystian\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => Brak pliku AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [3442] AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442] AlternateDataStreams: C:\ProgramData\UDATHXD.ini:386922F0F3 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk:0C48161B06 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442] HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\Software\Classes\.bat: => <==== UWAGA HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\Software\Classes\.cmd: => <==== UWAGA FirewallRules: [{3C3E2F32-88B6-459B-952D-EDB1E2202ED7}] => (Allow) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Brak pliku FirewallRules: [{0CDB1761-7675-42BF-ADD5-06A64AD4FE66}] => (Allow) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Brak pliku FirewallRules: [{1280711D-4C1B-470B-91D9-F3967FAD0542}] => (Block) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Brak pliku FirewallRules: [{5D7730E9-C529-481A-9DEA-19EC898233EB}] => (Block) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Brak pliku 2022-07-06 11:52 - 2022-07-06 11:52 - 000003970 _____ C:\WINDOWS\system32\Tasks\systemreset CMD: ipconfig /flushdns EmptyEventLogs: EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDCEA2C0-B72B-4BDF-999A-687D2B9A716F}" => nie znaleziono "C:\WINDOWS\System32\Tasks\systemreset" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\systemreset" => nie znaleziono "HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Overwolf" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18169EAA-8C9A-4880-81F2-6AC454C590FC}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18169EAA-8C9A-4880-81F2-6AC454C590FC}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88F3E88E-05EC-4CA9-AB7B-FA6D2BD05E93}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88F3E88E-05EC-4CA9-AB7B-FA6D2BD05E93}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Overwolf Updater Task => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Overwolf Updater Task" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{87122869-6399-46f3-9d55-6a9ccadb6807}\\DhcpNameServer" => pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb => pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => pomyślnie usunięto C:\Users\Krystian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom => pomyślnie przeniesiono HKU\S-1-5-21-3627326742-2376281256-4078815210-1001_Classes\CLSID\{3f5d0051-61b8-0f45-6166-996cfb4f914f} => pomyślnie usunięto HKU\S-1-5-21-3627326742-2376281256-4078815210-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D} => pomyślnie usunięto C:\ProgramData\DP45977C.lfl => ":677104FCAA" ADS pomyślnie usunięto C:\ProgramData\mntemp => ":8EAD8B3507" ADS pomyślnie usunięto C:\ProgramData\UDATHXD.ini => ":386922F0F3" ADS pomyślnie usunięto C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS pomyślnie usunięto C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini => ":41964AA945" ADS pomyślnie usunięto C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk => ":0C48161B06" ADS pomyślnie usunięto C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk => ":F20EF51E1F" ADS pomyślnie usunięto HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\Software\Classes\.bat => pomyślnie usunięto HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\Software\Classes\.cmd => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C3E2F32-88B6-459B-952D-EDB1E2202ED7}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0CDB1761-7675-42BF-ADD5-06A64AD4FE66}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1280711D-4C1B-470B-91D9-F3967FAD0542}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D7730E9-C529-481A-9DEA-19EC898233EB}" => pomyślnie usunięto "C:\WINDOWS\system32\Tasks\systemreset" => nie znaleziono ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= Koniec CMD: ========= =========== EmptyEventLogs: ========== 1126 Event logs cleared. ================================ =========== EmptyTemp: ========== BITS transfer queue => 1310720 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19165163 B Java, Discord, Steam htmlcache => 54459534 B Windows/system/drivers => 4491766 B Edge => 0 B Chrome => 1147954005 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 8294 B NetworkService => 303516 B Krystian => 53754126 B RecycleBin => 0 B EmptyTemp: => 1.2 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 00:47:26 ====