Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 19.06.2024 Uruchomiony przez Józef (21-06-2024 16:52:55) Run:4 Uruchomiony z C:\Users\Józef\Desktop\frst Załadowane profile: Józef & Administrator Tryb startu: Normal ============================================== fixlist - zawartość: ***************** start:: CreateRestorePoint: CloseProcesses: EmptyTemp: HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-982215139-1930475818-4253747224-1001\...\Run: [] => [X] HKU\S-1-5-21-982215139-1930475818-4253747224-1001\...\Run: [RapooOptions_750s] => [X] HKU\S-1-5-21-982215139-1930475818-4253747224-1001\...\Policies\Explorer: [] HKU\S-1-5-21-982215139-1930475818-4253747224-1001\...\MountPoints2: {07d3d832-64d8-11ed-88fa-ee0e12c2c589} - "G:\LaunchU3.exe" -a HKU\S-1-5-21-982215139-1930475818-4253747224-1001\...\MountPoints2: {3966a68f-68a6-11ed-890b-e695f09df888} - "G:\Setup.exe" HKU\S-1-5-21-982215139-1930475818-4253747224-1001\...\MountPoints2: {50b29f38-7ed9-11ed-893f-df5f09bed5c5} - "J:\winhello.exe" HKU\S-1-5-21-982215139-1930475818-4253747224-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5472312 2024-06-13] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA Task: {B300A809-6B3A-4573-8445-FB63113FE64D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5472312 2024-06-13] (Microsoft Windows -> Microsoft Corporation) Task: {53B1FC2C-CC34-44F2-B7C0-235978F3E829} - System32\Tasks\lib32 => C:\Users\Józef\AppData\Roaming\lib32.exe (Brak pliku) <==== UWAGA Task: {BB85F5C5-43A9-4160-8DAF-C507FB06DB46} - System32\Tasks\Microsoft\Windows\Bluetooth\CLEANTASK => C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe [450560 2024-02-14] (Microsoft Windows -> Microsoft Corporation) -> -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\Users\JZEF~1\AppData\Local\Temp\5c99d897-8439-4419-8f9d-9e179926add7.ps1" <==== UWAGA Task: {CFA48694-942F-470F-88FE-356BF37F38C9} - System32\Tasks\Microsoft\Windows\EnvoySinks\Method => C:\Users\Józef\AppData\Roaming\EnvoySinks\Method.exe (Brak pliku) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Brak pliku) S2 AdskNLM; "C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe" [X] S3 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X] S2 NahimicService; "%SystemRoot%\system32\NahimicService.exe" [X] S2 AMDRyzenMasterDriverV20; \??\C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [X] S3 atillk64; \??\C:\Windows\Temp\Atiflash\atillk64.sys [X] <==== UWAGA S3 NDSPCIIO; \??\C:\Windows\system32\DRIVERS\NDSPCIIO64.SYS [X] S3 tapnordvpn; \SystemRoot\System32\drivers\tapnordvpn.sys [X] CustomCLSID: HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe /Automation => Brak pliku CustomCLSID: HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe => Brak pliku CustomCLSID: HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> "C:\Program Files\NordVPN\NordVPN.exe" -ToastActivated => Brak pliku CustomCLSID: HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => Brak pliku CustomCLSID: HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe /Automation => Brak pliku CustomCLSID: HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe /Automation => Brak pliku CustomCLSID: HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{AF18D91C-A699-4578-ADC6-972F3BA007F0}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe /Automation => Brak pliku CustomCLSID: HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2024\en-US\acadficn.dll => Brak pliku ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Brak pliku AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`vovtfe.qpsu.obnfjhjlhlih [0] AlternateDataStreams: C:\ProgramData\TEMP:C895616B [108] AlternateDataStreams: C:\Users\Józef\Downloads\adwcleaner (1).exe:MBAM.Zone.Identifier [140] AlternateDataStreams: C:\Users\Józef\Downloads\qbittorrent_4.6.1_x64_setup (2).exe:MBAM.Zone.Identifier [345] HKU\S-1-5-21-982215139-1930475818-4253747224-1001\...\StartupApproved\Run: => "Isten" HKU\S-1-5-21-982215139-1930475818-4253747224-1001\...\StartupApproved\Run: => "Isten.pif" HKU\S-1-5-21-982215139-1930475818-4253747224-1001\...\StartupApproved\Run: => "RapooOptions_750s" FirewallRules: [{3107D53E-CB9A-4506-A987-E3A3DA18CE16}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Brak pliku end::̩ ***************** Punkt przywracania został pomyślnie utworzony. Procesy zostały pomyślnie zamknięte. "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => nie znaleziono "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => nie znaleziono "HKU\S-1-5-21-982215139-1930475818-4253747224-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => nie znaleziono "HKU\S-1-5-21-982215139-1930475818-4253747224-1001\Software\Microsoft\Windows\CurrentVersion\Run\\RapooOptions_750s" => nie znaleziono "HKU\S-1-5-21-982215139-1930475818-4253747224-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => nie znaleziono HKU\S-1-5-21-982215139-1930475818-4253747224-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07d3d832-64d8-11ed-88fa-ee0e12c2c589} => nie znaleziono HKU\S-1-5-21-982215139-1930475818-4253747224-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3966a68f-68a6-11ed-890b-e695f09df888} => nie znaleziono HKU\S-1-5-21-982215139-1930475818-4253747224-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{50b29f38-7ed9-11ed-893f-df5f09bed5c5} => nie znaleziono "HKU\S-1-5-21-982215139-1930475818-4253747224-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B300A809-6B3A-4573-8445-FB63113FE64D}" => nie znaleziono "C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateExplorerShellUnelevatedTask" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53B1FC2C-CC34-44F2-B7C0-235978F3E829}" => nie znaleziono "C:\Windows\System32\Tasks\lib32" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\lib32" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB85F5C5-43A9-4160-8DAF-C507FB06DB46}" => nie znaleziono "C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth\CLEANTASK" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Bluetooth\CLEANTASK" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFA48694-942F-470F-88FE-356BF37F38C9}" => nie znaleziono "C:\Windows\System32\Tasks\Microsoft\Windows\EnvoySinks\Method" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnvoySinks\Method" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => nie znaleziono "C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => nie znaleziono AdskNLM => serwis nie znaleziono. Futuremark SystemInfo Service => serwis nie znaleziono. NahimicService => serwis nie znaleziono. AMDRyzenMasterDriverV20 => serwis nie znaleziono. atillk64 => serwis nie znaleziono. NDSPCIIO => serwis nie znaleziono. tapnordvpn => serwis nie znaleziono. HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10} => nie znaleziono HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8} => nie znaleziono HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000} => nie znaleziono HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2} => nie znaleziono HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3} => nie znaleziono HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5} => nie znaleziono HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{AF18D91C-A699-4578-ADC6-972F3BA007F0} => nie znaleziono HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005} => nie znaleziono HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => nie znaleziono "C:\ProgramData\Reprise" => ":jhqduwvxlctbqqijsf`usjbm`vovtfe.qpsu.obnfjhjlhlih" ADS nie znaleziono. "C:\ProgramData\TEMP" => ":C895616B" ADS nie znaleziono. "C:\Users\Józef\Downloads\adwcleaner (1).exe" => ":MBAM.Zone.Identifier" ADS nie znaleziono. "C:\Users\Józef\Downloads\qbittorrent_4.6.1_x64_setup (2).exe" => ":MBAM.Zone.Identifier" ADS nie znaleziono. "HKU\S-1-5-21-982215139-1930475818-4253747224-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Isten" => nie znaleziono "HKU\S-1-5-21-982215139-1930475818-4253747224-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Isten" => nie znaleziono "HKU\S-1-5-21-982215139-1930475818-4253747224-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Isten.pif" => nie znaleziono "HKU\S-1-5-21-982215139-1930475818-4253747224-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Isten.pif" => nie znaleziono "HKU\S-1-5-21-982215139-1930475818-4253747224-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\RapooOptions_750s" => nie znaleziono "HKU\S-1-5-21-982215139-1930475818-4253747224-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\RapooOptions_750s" => nie znaleziono "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3107D53E-CB9A-4506-A987-E3A3DA18CE16}" => nie znaleziono =========== EmptyTemp: ========== FlushDNS => ukończone BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9552681 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B Windows/system/drivers => 1006 B Edge => 0 B Chrome => 27157094 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 4230 B NetworkService => 4230 B Józef => 3974395264 B Administrator => 4034184834 B RecycleBin => 59456254 B EmptyTemp: => 7.5 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 16:56:51 ====