Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 02-02-2020 02
Uruchomiony przez zbycho (09-02-2020 10:27:03) Run:1
Uruchomiony z C:\Users\zbycho\Desktop
Załadowane profile: zbycho (Dostępne profile: zbycho)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
GroupPolicy: Ograniczenia ? <==== UWAGA
GroupPolicy\User: Ograniczenia ? <==== UWAGA
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
Task: {13846D8C-D1A8-4C2C-8F4B-B7E244E7FD84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
Task: {312FD148-03FD-4459-B482-F5DE24519111} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
Task: {31F1D766-8698-42DD-BC86-80A16AB75BF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
Task: {3612B7EB-8D65-4830-8F27-D43FDBEE27FA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {41D5E321-7478-48D8-9F89-BF7D7FDE8561} - System32\Tasks\EOSv3 Scheduler onTime => D:\Pobrane\esetonlinescanner_plk.exe [8170808 2020-02-06] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {6F188263-F317-4B6B-BA6D-90C9876AE4CA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
Task: {78C29936-2BD4-4790-AADC-E9236B34B147} - System32\Tasks\{34C0A5B7-23AD-4682-9B58-4BF7F6A8715E} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\HyperCam 2\HcUnInst.exe"
Task: {8BF4E606-50AF-49A9-B03D-960D17BB00D8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
Task: {9176AE51-0262-445D-B288-5BF1F36AEBA3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA
Task: {A54ADF5B-CED5-4CED-ACED-7DA2A7FBD52F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
Task: {B20F291F-E95C-4914-9D37-ED152C953BAF} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\Pobrane\esetonlinescanner_plk.exe [8170808 2020-02-06] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {B9CB9972-36EF-4BF5-9653-31D1056AAB68} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
Task: {D87D9E57-75B3-4CC7-A2B7-D9818E1288E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
Task: {DEF89A65-FEBA-405A-8BBD-8906711B603D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA
Task: {E21B3F8A-3EC8-4849-9AE5-179FFB242706} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Task: {C19D42A3-6EC6-4422-9967-7EB1157B1369} - System32\Tasks\ASC8_SkipUac_zbycho => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> Brak pliku
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Brak pliku]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Brak pliku]
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe Brak pliku
FirewallRules: [TCP Query User{3B1557E0-06C0-497F-B913-D5465EB3C0B5}D:\pobrane\googlechromeportable\app\chrome-bin\chrome.exe] => (Allow) D:\pobrane\googlechromeportable\app\chrome-bin\chrome.exe Brak pliku
FirewallRules: [UDP Query User{A40851D4-2A36-461C-BAC1-D77B44B3D6DC}D:\pobrane\googlechromeportable\app\chrome-bin\chrome.exe] => (Allow) D:\pobrane\googlechromeportable\app\chrome-bin\chrome.exe Brak pliku
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => niepowodzenie przy usuwaniu, klucz może być zabezpieczony
C:\WINDOWS\system32\GroupPolicy\Machine => pomyślnie przeniesiono
C:\WINDOWS\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
C:\WINDOWS\system32\GroupPolicy\User => pomyślnie przeniesiono
HKLM\SOFTWARE\Policies\Mozilla => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13846D8C-D1A8-4C2C-8F4B-B7E244E7FD84}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13846D8C-D1A8-4C2C-8F4B-B7E244E7FD84}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{312FD148-03FD-4459-B482-F5DE24519111}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{312FD148-03FD-4459-B482-F5DE24519111}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31F1D766-8698-42DD-BC86-80A16AB75BF1}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31F1D766-8698-42DD-BC86-80A16AB75BF1}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3612B7EB-8D65-4830-8F27-D43FDBEE27FA}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3612B7EB-8D65-4830-8F27-D43FDBEE27FA}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41D5E321-7478-48D8-9F89-BF7D7FDE8561}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41D5E321-7478-48D8-9F89-BF7D7FDE8561}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F188263-F317-4B6B-BA6D-90C9876AE4CA}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F188263-F317-4B6B-BA6D-90C9876AE4CA}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78C29936-2BD4-4790-AADC-E9236B34B147}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78C29936-2BD4-4790-AADC-E9236B34B147}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\{34C0A5B7-23AD-4682-9B58-4BF7F6A8715E} => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{34C0A5B7-23AD-4682-9B58-4BF7F6A8715E}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BF4E606-50AF-49A9-B03D-960D17BB00D8}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BF4E606-50AF-49A9-B03D-960D17BB00D8}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9176AE51-0262-445D-B288-5BF1F36AEBA3}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9176AE51-0262-445D-B288-5BF1F36AEBA3}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A54ADF5B-CED5-4CED-ACED-7DA2A7FBD52F}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A54ADF5B-CED5-4CED-ACED-7DA2A7FBD52F}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B20F291F-E95C-4914-9D37-ED152C953BAF}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B20F291F-E95C-4914-9D37-ED152C953BAF}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B9CB9972-36EF-4BF5-9653-31D1056AAB68}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9CB9972-36EF-4BF5-9653-31D1056AAB68}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D87D9E57-75B3-4CC7-A2B7-D9818E1288E1}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D87D9E57-75B3-4CC7-A2B7-D9818E1288E1}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEF89A65-FEBA-405A-8BBD-8906711B603D}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEF89A65-FEBA-405A-8BBD-8906711B603D}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E21B3F8A-3EC8-4849-9AE5-179FFB242706}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E21B3F8A-3EC8-4849-9AE5-179FFB242706}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C19D42A3-6EC6-4422-9967-7EB1157B1369}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C19D42A3-6EC6-4422-9967-7EB1157B1369}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\ASC8_SkipUac_zbycho => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_SkipUac_zbycho" => pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} => pomyślnie usunięto
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.2 => pomyślnie usunięto
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3 => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\OpenSSH-Server-In-TCP" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3B1557E0-06C0-497F-B913-D5465EB3C0B5}D:\pobrane\googlechromeportable\app\chrome-bin\chrome.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A40851D4-2A36-461C-BAC1-D77B44B3D6DC}D:\pobrane\googlechromeportable\app\chrome-bin\chrome.exe" => pomyślnie usunięto

========= wevtutil el | Foreach-Object {wevtutil cl "$_"} =========

wevtutil : Failed to clear log Microsoft-Windows-LiveId/Analytic.
At C:\FRST\tmp.ps1:1 char:31
+ wevtutil el | Foreach-Object {wevtutil cl "$_"}
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (Failed to clear...iveId/Analytic.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError

Odmowa dostępu.
wevtutil : Failed to clear log Microsoft-Windows-LiveId/Operational.
At C:\FRST\tmp.ps1:1 char:31
+ wevtutil el | Foreach-Object {wevtutil cl "$_"}
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (Failed to clear...Id/Operational.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError

Odmowa dostępu.
wevtutil : Failed to clear log Microsoft-Windows-USBVideo/Analytic.
At C:\FRST\tmp.ps1:1 char:31
+ wevtutil el | Foreach-Object {wevtutil cl "$_"}
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (Failed to clear...Video/Analytic.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError

Przekazana nazwa wystąpienia nie została uznana przez dostawcę danych WMI za prawidłową.

========= Koniec Powershell: =========

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 317243902 B
Java, Flash, Steam htmlcache => 26122 B
Windows/system/drivers => 5808845 B
Edge => 5510143 B
Chrome => 0 B
Firefox => 1218545921 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 619752 B
zbycho => 7478506 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB danych tymczasowych Usunięto.

================================

Rezultat przenoszenia plików przy restarcie (Tryb startu: Normal) (Data i godzina: 09-02-2020 10:29:59)

Rezultat usuwania kluczy przy restarcie:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => pomyślnie usunięto

==== Koniec Fixlog 10:29:59 ====