Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 31-07-2019
Uruchomiony przez work8 (02-08-2019 08:26:45) Run:1
Uruchomiony z C:\Users\work8\Desktop\FixiT\02
Załadowane profile: work8 (Dostępne profile: UpdatusUser & work8)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
AlternateDataStreams: C:\Users\work8\Cookies:DpmBkLv67WXbxTmquXJZph2 [596]
AlternateDataStreams: C:\Users\work8\AppData\Local\GIWUNAl3iDEoOdy:7Xiv9cG2QHJgQ5byMIRgo [2030]
AlternateDataStreams: C:\Users\work8\AppData\Local\Temporary Internet Files:dARdQE0NKd68dytLbsji [2154]
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
RemoveDirectory: C:\Program Files (x86)\AVG Secure Search
FirewallRules: [WMPNSS-Out-TCP] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [WMPNSS-In-TCP] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [WMPNSS-Out-UDP] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [WMPNSS-In-UDP] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [WMPNSS-Out-TCP-NoScope] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [WMPNSS-In-TCP-NoScope] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [WMPNSS-Out-UDP-NoScope] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [WMPNSS-In-UDP-NoScope] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [{47802995-7F11-46D6-939E-5122FCC18292}] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [{FC84A8FB-425D-4873-AFC3-C98C7E958418}] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [{AEC2F8F6-C413-45D5-884A-FBD3F3A7CD0A}] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [{932533E6-BFE2-4786-8EAE-DC96B143D758}] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe Brak pliku
FirewallRules: [{562743B8-4FC7-462F-AB28-6281AE18B510}] => (Allow) C:\program files (x86)\opera\58.0.3135.132\opera_autoupdate.exe Brak pliku
FirewallRules: [{7437A7DE-A606-48F2-B41B-67C99B73922B}] => (Block) C:\program files (x86)\windows live\photo gallery\wlxphotogallery.exe Brak pliku
FirewallRules: [{E5E51313-4395-4C48-8FEE-D7CC387B3F6E}] => (Allow) C:\program files (x86)\windows live\installer\wlarp.exe Brak pliku
FirewallRules: [{DB1581F8-CFF4-4050-8B24-DA3E04B629BA}] => (Allow) D:\RadioSure\RadioSure.exe (TheBestWare Studio) [Brak podpisu cyfrowego]
FirewallRules: [{55A129EF-B079-4184-A481-EDC0D80484C4}] => (Allow) %ProgramFiles% (x86)\Google\Chrome\Application\chrome.exe Brak pliku
FirewallRules: [{9905E1C6-B6E4-463A-AA54-57FE6D3A8ABB}] => (Allow) %ProgramFiles% (x86)\Mozilla Firefox\firefox.exe Brak pliku
FirewallRules: [{8C90EAF9-0538-4E1B-AB66-7016C5E58522}] => (Allow) %ProgramFiles% (x86)\Opera\launcher.exe Brak pliku
FirewallRules: [{511B969B-2CD7-4D7B-AD94-5A823A41D380}] => (Allow) C:\programdata\avira\antivirus\temp\selfupdate\update.exe Brak pliku
FirewallRules: [{32678706-0B54-480B-BBB0-2E3FB89B1CBF}] => (Allow) \device\harddiskvolume2\users\work8\desktop\flashplayer32_xa_install.exe Brak pliku
FirewallRules: [{73AF48A3-53BD-4DA6-B0DC-C28E608B99D0}] => (Allow) C:\users\work8\desktop\flashplayer32_xa_install.exe Brak pliku
FirewallRules: [{C9EC3555-DDD5-4A83-9C9E-CFDF10842748}] => (Block) C:\windows\syswow64\macromed\flash\flashutil32_32_0_0_207_plugin.exe Brak pliku
FirewallRules: [{EE093776-330B-4F20-9B35-EB8D599F683B}] => (Allow) C:\$Windows.~WS\Sources\setuphost.exe Brak pliku
FirewallRules: [{022F27AD-4BA1-45FA-9138-EF2D902EEECF}] => (Allow) C:\users\work8\desktop\windows-iso-downloader.exe Brak pliku
FirewallRules: [{4DF37184-64DB-4EF6-A367-3E1E835446E0}] => (Allow) C:\users\work8\desktop\windows-iso-downloader.exe Brak pliku
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1771593470-3012635902-189330645-1001\...\Run: [AdobeBridge] => [X]
GroupPolicy: Ograniczenia ? <==== UWAGA
Task: {C64FA000-022E-4731-BF61-F840F963A682} - System32\Tasks\{B6ADF54E-25AC-45D2-9332-B8D47C30EE01} => C:\windows\system32\pcalua.exe -a C:\Users\work8\Desktop\Rufus\mb_utility_windowsimagetool_B18.0213.1\WindowsImageTool\WindowsImageTool.exe -d C:\Users\work8\Desktop\Rufus\mb_utility_windowsimagetool_B18.0213.1\WindowsImageTool
URLSearchHook: HKU\S-1-5-21-1771593470-3012635902-189330645-1001 - (Brak nazwy) - {D8278076-BC68-4484-9233-6E7F1628B56C} - Brak pliku
BHO-x32: Brak nazwy -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Brak pliku
Toolbar: HKU\S-1-5-21-1771593470-3012635902-189330645-1001 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.9.0.230 => nie znaleziono
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Brak pliku]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S1 UimBus; system32\DRIVERS\uimbus.sys [X]
S1 Uim_DEVIM; system32\DRIVERS\uimdevim.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
ShortcutWithArgument: C:\Users\work8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Program uruchamiaj�cy aplikacje Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
ShortcutWithArgument: C:\Users\work8\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Program uruchamiaj�cy aplikacje Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
EmptyTemp:
*****************

C:\Users\work8\Cookies => ":DpmBkLv67WXbxTmquXJZph2" ADS pomyślnie usunięto
C:\Users\work8\AppData\Local\GIWUNAl3iDEoOdy => ":7Xiv9cG2QHJgQ5byMIRgo" ADS pomyślnie usunięto
C:\Users\work8\AppData\Local\Temporary Internet Files => ":dARdQE0NKd68dytLbsji" ADS pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vProt => pomyślnie usunięto
"C:\Program Files (x86)\AVG Secure Search" => nie znaleziono
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMPNSS-Out-TCP" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMPNSS-In-TCP" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMPNSS-Out-UDP" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMPNSS-In-UDP" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMPNSS-Out-TCP-NoScope" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMPNSS-In-TCP-NoScope" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMPNSS-Out-UDP-NoScope" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMPNSS-In-UDP-NoScope" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47802995-7F11-46D6-939E-5122FCC18292}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FC84A8FB-425D-4873-AFC3-C98C7E958418}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AEC2F8F6-C413-45D5-884A-FBD3F3A7CD0A}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{932533E6-BFE2-4786-8EAE-DC96B143D758}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{562743B8-4FC7-462F-AB28-6281AE18B510}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7437A7DE-A606-48F2-B41B-67C99B73922B}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E5E51313-4395-4C48-8FEE-D7CC387B3F6E}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB1581F8-CFF4-4050-8B24-DA3E04B629BA}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{55A129EF-B079-4184-A481-EDC0D80484C4}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9905E1C6-B6E4-463A-AA54-57FE6D3A8ABB}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C90EAF9-0538-4E1B-AB66-7016C5E58522}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{511B969B-2CD7-4D7B-AD94-5A823A41D380}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32678706-0B54-480B-BBB0-2E3FB89B1CBF}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73AF48A3-53BD-4DA6-B0DC-C28E608B99D0}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C9EC3555-DDD5-4A83-9C9E-CFDF10842748}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE093776-330B-4F20-9B35-EB8D599F683B}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{022F27AD-4BA1-45FA-9138-EF2D902EEECF}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DF37184-64DB-4EF6-A367-3E1E835446E0}" => pomyślnie usunięto
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => pomyślnie usunięto
"HKU\S-1-5-21-1771593470-3012635902-189330645-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => pomyślnie usunięto
C:\windows\system32\GroupPolicy\Machine => pomyślnie przeniesiono
C:\windows\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
C:\windows\SysWOW64\GroupPolicy\GPT.ini => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C64FA000-022E-4731-BF61-F840F963A682}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C64FA000-022E-4731-BF61-F840F963A682}" => pomyślnie usunięto
C:\windows\System32\Tasks\{B6ADF54E-25AC-45D2-9332-B8D47C30EE01} => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B6ADF54E-25AC-45D2-9332-B8D47C30EE01}" => pomyślnie usunięto
"HKU\S-1-5-21-1771593470-3012635902-189330645-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C}" => pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => pomyślnie usunięto
HKLM\Software\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => nie znaleziono
"HKU\S-1-5-21-1771593470-3012635902-189330645-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => nie znaleziono
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\avg@toolbar" => pomyślnie usunięto
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922 => pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\clwvd => pomyślnie usunięto
clwvd => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\UimBus => pomyślnie usunięto
UimBus => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\Uim_DEVIM => pomyślnie usunięto
Uim_DEVIM => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\VBoxNetFlt => pomyślnie usunięto
VBoxNetFlt => serwis pomyślnie usunięto
C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml => pomyślnie przeniesiono

========= wevtutil el | Foreach-Object {wevtutil cl "$_"} =========

========= Koniec Powershell: =========

"C:\Users\work8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Program uruchamiaj�cy aplikacje Chrome.lnk" => nie znaleziono
"C:\Users\work8\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Program uruchamiaj�cy aplikacje Chrome.lnk" => nie znaleziono

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 206930495 B
Java, Flash, Steam htmlcache => 1274 B
Windows/system/drivers => 100578094 B
Edge => 0 B
Chrome => 417163537 B
Firefox => 77788067 B
Opera => 430829522 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 33186 B
LocalService => 0 B
NetworkService => 20768 B
UpdatusUser => 0 B
work8 => 158323516 B
TEMP => 0 B

RecycleBin => 355253 B
EmptyTemp: => 1.3 GB danych tymczasowych Usunięto.

================================

System wymagał restartu.

==== Koniec Fixlog 08:29:23 ====