Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 16-09-2024
Uruchomiony przez Łukasz (04-10-2024 15:25:32) Run:1
Uruchomiony z D:\f
Załadowane profile: Łukasz
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
start::
CreateRestorePoint:
CloseProcesses:
cmd: type "C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\wtime.cmd"
cmd: type "C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\wlocale.cmd"
HKLM\...\Winlogon: [Shell] explorer.exe, "C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\wtime.cmd" wlocale.cmd <=== UWAGA
HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [4123184 2021-03-22] (Microsoft Windows -> Microsoft Corporation) <=== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA
HKU\S-1-5-21-3873197050-2505245858-2280241419-1003\...\MountPoints2: E - "E:\autorun.exe"
IFEO\notepad.exe: [Debugger] C:\Windows\System32\Notepad2.exe /z
HKLM\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia <==== UWAGA
Task: {b67ab41a-4a8d-4b47-8f5a-9c735ad24b4e} - Brak ścieżki do pliku. <==== UWAGA
Task: {ffe5bbdd-0481-4f60-b272-8cadfb293f5c} - Brak ścieżki do pliku. <==== UWAGA
HKU\S-1-5-21-3873197050-2505245858-2280241419-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\PROGRAMS\VLC\npvlc.dll [Brak pliku]
CHR StartupUrls: Default -> "hxxps://www.facebook.com/?stype=lo&jlou=AffcAczVQV3djZdp59gxgPQz1bXzE4Ab3_rh0zX769ryyKbsJ0o4jz4_Z5kjfAp2X6vEq6rgSfneKxZSo1Ql0RpHahiVXGsVtTtj567f4-MBow&smuh=27506&lh=Ac89qgHzWt5vVwMR","hxxps://www.youtube.com/watch?v=G3Ts_zPYh04&list=RDMMLnLciFRwiPo&index=13","hxxps://usunwirusa.pl/przekierowania-search-yahoo-com/#h-google-chrome","hxxps://www.pcrisk.pl/narzedzia-usuwania/7838-search-yahoo-com-redirect"
U4 AdobeFlashPlayerUpdateSvc; Brak ImagePath
S1 EneTechIo; \??\C:\Windows\system32\drivers\ene.sys [X]
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{1F9E0710-2073-435F-9C1B-F29946205947}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{2919A592-BF5E-4AF5-A658-84454D70841E}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.202\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{3BC2EF70-3830-43FC-9009-029942FD2DCE}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.372\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{5D44759C-CF3F-433D-9EA0-267E45577C77}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.212\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{816E4B50-C8D5-4AA6-A5DD-65187BE041F5}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.363\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.372\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{90301EC6-0EDC-45B4-AED8-72572E27A6C4}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.323\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{AE9899FA-E21F-4D91-BD1F-59BC10E56CA1}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.292\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{CA07EE63-A212-4373-AE82-FBF92FCA8DCC}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.242\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{DA06AAE8-5748-4509-850F-17AA522F8372}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.272\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{E4949BE6-C9FF-4AFA-8672-6127D857418B}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.312\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3873197050-2505245858-2280241419-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.36.372\psuser_64.dll => Brak pliku
AlternateDataStreams: C:\ProgramData:96d866dd [1198]
AlternateDataStreams: C:\ProgramData:b8ba71d3 [760]
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\Users\All Users:96d866dd [1198]
AlternateDataStreams: C:\Users\All Users:b8ba71d3 [760]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:96d866dd [1198]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:b8ba71d3 [760]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\Users\Łukasz\Dane aplikacji:96d866dd [1198]
AlternateDataStreams: C:\Users\Łukasz\Dane aplikacji:b8ba71d3 [760]
AlternateDataStreams: C:\Users\Łukasz\Dane aplikacji:NT [40]
AlternateDataStreams: C:\Users\Łukasz\AppData\Roaming:96d866dd [1198]
AlternateDataStreams: C:\Users\Łukasz\AppData\Roaming:b8ba71d3 [760]
AlternateDataStreams: C:\Users\Łukasz\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Łukasz\Documents\GTA San Andreas User Files:96d866dd [1198]
AlternateDataStreams: C:\Users\Łukasz\Documents\GTA San Andreas User Files:b8ba71d3 [760]
FirewallRules: [TCP Query User{F76AA2D4-491C-4606-B445-2227F172C85E}D:\f\terrascape\terrascape.exe] => (Block) D:\f\terrascape\terrascape.exe => Brak pliku
FirewallRules: [UDP Query User{30D561FC-A063-43A9-8A7F-4662C3507462}D:\f\terrascape\terrascape.exe] => (Block) D:\f\terrascape\terrascape.exe => Brak pliku
FirewallRules: [TCP Query User{F357CB4D-C84A-4EB4-AAEC-BDF4CD8C419A}D:\f\might-and-magic-h7tbf-steamrip.com\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Block) D:\f\might-and-magic-h7tbf-steamrip.com\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => Brak pliku
FirewallRules: [UDP Query User{CAF7F083-17FC-4A71-951E-19A3E0FBB237}D:\f\might-and-magic-h7tbf-steamrip.com\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Block) D:\f\might-and-magic-h7tbf-steamrip.com\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => Brak pliku
FirewallRules: [{BC4A5E2C-00A7-49E2-867D-EE200021A615}] => (Allow) D:\GAMES\GTAV\GTA5.exe => Brak pliku
FirewallRules: [{C57BC832-6B1F-4D0D-B92F-AA0F805EC8B2}] => (Allow) D:\GAMES\GTAV\GTA5.exe => Brak pliku
FirewallRules: [TCP Query User{3B8FDA7D-67F2-4C26-9D75-E0BEFA6A2876}C:\users\łukasz\appdata\local\fivem\fivem.exe] => (Block) C:\users\łukasz\appdata\local\fivem\fivem.exe => Brak pliku
FirewallRules: [UDP Query User{7585DB3E-D4D9-430B-B00C-B641B359640F}C:\users\łukasz\appdata\local\fivem\fivem.exe] => (Block) C:\users\łukasz\appdata\local\fivem\fivem.exe => Brak pliku
FirewallRules: [TCP Query User{522482AE-FC4A-48FA-A7EB-479BA5A451BA}C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_authbrowser] => (Block) C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_authbrowser => Brak pliku
FirewallRules: [UDP Query User{64D5CCD9-27D8-4564-A49A-734695335734}C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_authbrowser] => (Block) C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_authbrowser => Brak pliku
FirewallRules: [TCP Query User{632284E8-8D00-4C28-84C3-3ECFB9771F94}C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Block) C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => Brak pliku
FirewallRules: [UDP Query User{283E20C1-1D2D-4A9C-9332-2C4D6B4F5F97}C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Block) C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => Brak pliku
FirewallRules: [TCP Query User{712CDF59-2E5B-4626-A761-45E637D28F07}C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe] => (Block) C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe => Brak pliku
FirewallRules: [UDP Query User{AE76D347-C606-46BA-AD05-51F9F9D85C2B}C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe] => (Block) C:\users\łukasz\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe => Brak pliku
FirewallRules: [{49B2FE4F-25A2-40DB-8906-67BD4C9BA86F}] => (Allow) C:\Users\Łukasz\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_b2699_GTAProcess.exe => Brak pliku
FirewallRules: [{90EBD7F9-24B1-4CF2-A8A7-E6EF93F63824}] => (Allow) C:\Users\Łukasz\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_b2699_GTAProcess.exe => Brak pliku
FirewallRules: [TCP Query User{59D218AB-EDC0-4975-920B-3C00A0C3DB75}D:\f\fivem\fivem.exe] => (Block) D:\f\fivem\fivem.exe => Brak pliku
FirewallRules: [UDP Query User{CDA91ED5-436A-4631-A29D-2F07F369A2FE}D:\f\fivem\fivem.exe] => (Block) D:\f\fivem\fivem.exe => Brak pliku
FirewallRules: [TCP Query User{81280450-B845-4394-B236-DAB4DA0C228A}D:\f\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe] => (Block) D:\f\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe => Brak pliku
FirewallRules: [UDP Query User{9C125E18-0497-45E8-9107-1A41430C173E}D:\f\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe] => (Block) D:\f\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe => Brak pliku
FirewallRules: [{22BEC82B-F438-4516-A9F7-554F2B6A8A55}] => (Allow) D:\f\fivem\FiveM.app\data\cache\subprocess\FiveM_b2699_GTAProcess.exe => Brak pliku
FirewallRules: [{F8DDB4F3-1BD9-41E8-8031-A646E15B4DF6}] => (Allow) D:\f\fivem\FiveM.app\data\cache\subprocess\FiveM_b2699_GTAProcess.exe => Brak pliku
FirewallRules: [{C7A3EF8E-F749-4073-9EB0-6AC85AFD6123}] => (Allow) D:\f\fivem\FiveM.app\data\cache\subprocess\FiveM_b3095_GTAProcess.exe => Brak pliku
FirewallRules: [{6DB400A5-71A2-4300-8E9A-EADE580B4FFF}] => (Allow) D:\f\fivem\FiveM.app\data\cache\subprocess\FiveM_b3095_GTAProcess.exe => Brak pliku
FirewallRules: [TCP Query User{E95D8358-70D3-4BFD-AF50-B65B8ACBED01}D:\f\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Block) D:\f\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser => Brak pliku
FirewallRules: [UDP Query User{E03B78F1-6696-4617-A7DE-F41B6E955634}D:\f\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Block) D:\f\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser => Brak pliku
FirewallRules: [TCP Query User{F4EB4D3D-5C5D-4FF0-822D-826FAE21693D}D:\f\age-of-mythology-r-steamrip.com\age of mythology retold\aomrt_s.exe] => (Block) D:\f\age-of-mythology-r-steamrip.com\age of mythology retold\aomrt_s.exe => Brak pliku
FirewallRules: [UDP Query User{0FA6E7DB-2BD7-4B0E-BED2-42FBA9106A26}D:\f\age-of-mythology-r-steamrip.com\age of mythology retold\aomrt_s.exe] => (Block) D:\f\age-of-mythology-r-steamrip.com\age of mythology retold\aomrt_s.exe => Brak pliku
FirewallRules: [TCP Query User{4ED7773D-1922-4DF0-8B2B-7F6B16BE9A37}D:\f\age-of-mythology-r-steamrip.com\age of mythology retold\battleserver.exe] => (Block) D:\f\age-of-mythology-r-steamrip.com\age of mythology retold\battleserver.exe => Brak pliku
FirewallRules: [UDP Query User{B3F253B2-275B-4DCD-8DAF-4B8B01FF553D}D:\f\age-of-mythology-r-steamrip.com\age of mythology retold\battleserver.exe] => (Block) D:\f\age-of-mythology-r-steamrip.com\age of mythology retold\battleserver.exe => Brak pliku
FirewallRules: [{54196F1A-75F0-4F36-8CD9-2CEC88ACA82F}] => (Block) C:\Program Files (x86)\MacroRecorder\MacroRecorder.exe => Brak pliku
FirewallRules: [{07E6470C-CE85-4401-8D85-2E9CD8E596D1}] => (Block) C:\Program Files (x86)\MacroRecorder\MacroRecorder.exe => Brak pliku
end::
*****************

Punkt przywracania został pomyślnie utworzony.