Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 28-08-2021
Uruchomiony przez Krecio (28-08-2021 20:58:11) Run:1
Uruchomiony z C:\Users\Krecio\Desktop
Załadowane profile: Krecio
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA

SearchScopes: HKU\S-1-5-21-3379895175-130336575-4072719351-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

FirewallRules: [TCP Query User{D18FDBFF-6F8E-4BAA-968D-53BF1ACE59D8}C:\users\krecio\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe] => (Block) C:\users\krecio\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe => Brak pliku
FirewallRules: [UDP Query User{478A4926-BB42-4127-8D38-C81640811913}C:\users\krecio\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe] => (Block) C:\users\krecio\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe => Brak pliku
FirewallRules: [TCP Query User{4A363FE8-2CB1-49A4-87A7-F4CFA574EE7A}C:\users\krecio\appdata\local\temp\1vlt0pt2bsix4pjk2xhlfgz0s1b\dll-access.exe] => (Block) C:\users\krecio\appdata\local\temp\1vlt0pt2bsix4pjk2xhlfgz0s1b\dll-access.exe => Brak pliku
FirewallRules: [UDP Query User{F07FEDAC-CB3A-4724-9A3F-D00EC46087E1}C:\users\krecio\appdata\local\temp\1vlt0pt2bsix4pjk2xhlfgz0s1b\dll-access.exe] => (Block) C:\users\krecio\appdata\local\temp\1vlt0pt2bsix4pjk2xhlfgz0s1b\dll-access.exe => Brak pliku
FirewallRules: [TCP Query User{6B6625A9-1426-45EE-BBEF-65140670AA79}C:\users\krecio\appdata\local\temp\1wluu4wjnupjbqvrlsevzciybtq\dll-propagation.exe] => (Block) C:\users\krecio\appdata\local\temp\1wluu4wjnupjbqvrlsevzciybtq\dll-propagation.exe => Brak pliku
FirewallRules: [UDP Query User{9808AC85-8C5A-4B77-9A77-E019DDDB205A}C:\users\krecio\appdata\local\temp\1wluu4wjnupjbqvrlsevzciybtq\dll-propagation.exe] => (Block) C:\users\krecio\appdata\local\temp\1wluu4wjnupjbqvrlsevzciybtq\dll-propagation.exe => Brak pliku

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Brak pliku]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [Brak pliku]

Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]

CustomCLSID: HKU\S-1-5-21-3379895175-130336575-4072719351-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => Brak pliku
HKU\S-1-5-21-3379895175-130336575-4072719351-1001\...\Run: [electron.app.dllservices] => C:\Users\Krecio\AppData\Roaming\.dllbackups\dllruntime.exe
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll => Brak pliku
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll => Brak pliku
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL Brak pliku
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL Brak pliku
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL Brak pliku
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL Brak pliku
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL Brak pliku
FirewallRules: [{69212D94-6C55-4BC8-AE8D-73D17C7793C6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Brak pliku
FirewallRules: [{A1AF5639-5E2F-4A20-BB2C-862F8FDBCEE1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Brak pliku
FirewallRules: [{2870BAF3-6516-48F9-AFD9-8DA41BBD5E55}] => (Allow) D:\Gry\Tom Clancy's The Division\TheDivision.exe => Brak pliku
FirewallRules: [{3A1E2C06-C32F-4B6F-97CC-99192858F1FD}] => (Allow) D:\Gry\WATCH_DOGS2\EAC.exe => Brak pliku
FirewallRules: [{CE727D4D-DD57-4245-9CCF-4ECFF3697D78}] => (Allow) D:\Gry\WATCH_DOGS2\EAC.exe => Brak pliku
FirewallRules: [{3A8E1084-7458-429A-A33A-3E0CB090C27B}] => (Allow) D:\Gry\WATCH_DOGS2\bin_plus\WatchDogs2.exe => Brak pliku
FirewallRules: [{094DD7ED-B6C0-4E90-A6E5-28D80580D590}] => (Allow) D:\Gry\WATCH_DOGS2\bin_plus\WatchDogs2.exe => Brak pliku
FirewallRules: [{0E1A241A-60B3-4000-9986-97D92C7C3ACB}] => (Allow) D:\Gry\WATCH_DOGS2\bin\WatchDogs2.exe => Brak pliku
FirewallRules: [{D5593C14-2D25-4277-B93D-ECDE5CDB3BFE}] => (Allow) D:\Gry\WATCH_DOGS2\bin\WatchDogs2.exe => Brak pliku
FirewallRules: [UDP Query User{E09420A5-6383-4B04-90C4-FF4C43CE8FA4}D:\programy\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\programy\steam\steamapps\common\red dead redemption 2\rdr2.exe => Brak pliku
FirewallRules: [TCP Query User{D3ADE794-06ED-4548-8F74-9F55BDD7A7C5}D:\programy\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\programy\steam\steamapps\common\red dead redemption 2\rdr2.exe => Brak pliku
FirewallRules: [UDP Query User{F2282F34-0D45-4CCA-ADB2-71D71A59BBE7}C:\users\krecio\desktop\1401\windows\terrariaserver.exe] => (Allow) C:\users\krecio\desktop\1401\windows\terrariaserver.exe => Brak pliku
FirewallRules: [TCP Query User{0C96C840-9076-43E7-AFCA-96C6BB4AD59E}C:\users\krecio\desktop\1401\windows\terrariaserver.exe] => (Allow) C:\users\krecio\desktop\1401\windows\terrariaserver.exe => Brak pliku
FirewallRules: [{4D78AC55-6935-44D1-80DF-96E54D0FF348}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Brak pliku
FirewallRules: [{3B080917-1BC1-4468-92BF-BFBB573F5F9C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Brak pliku
FirewallRules: [{8D0E1398-5690-4520-8BC6-E21DAD6D805E}] => (Allow) C:\Users\Krecio\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
FirewallRules: [{BFF132B0-61C3-4675-AA50-B11C119D8F05}] => (Allow) C:\Users\Krecio\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
FirewallRules: [{A2924F68-5C27-47F6-88FE-CE53AECB5C40}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku
FirewallRules: [{2217C5F2-8468-4964-9EE9-509F8C419D7D}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku
FirewallRules: [UDP Query User{6E1F29BF-726D-443B-B71C-1364AF43558E}D:\gry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\gry\call of duty modern warfare\modernwarfare.exe => Brak pliku
FirewallRules: [TCP Query User{EAA9F56E-158E-4CAC-9BD7-8F283CB45B90}D:\gry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\gry\call of duty modern warfare\modernwarfare.exe => Brak pliku
FirewallRules: [{A9C71C52-B55B-4F4B-BFD6-858462F7A0EF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe => Brak pliku
*****************

C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => pomyślnie przeniesiono
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => pomyślnie usunięto
"HKU\S-1-5-21-3379895175-130336575-4072719351-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D18FDBFF-6F8E-4BAA-968D-53BF1ACE59D8}C:\users\krecio\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{478A4926-BB42-4127-8D38-C81640811913}C:\users\krecio\appdata\roaming\.dllbackups\data\modules\dll-host\downloads\phoenix-gpu\phoenixminer.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4A363FE8-2CB1-49A4-87A7-F4CFA574EE7A}C:\users\krecio\appdata\local\temp\1vlt0pt2bsix4pjk2xhlfgz0s1b\dll-access.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F07FEDAC-CB3A-4724-9A3F-D00EC46087E1}C:\users\krecio\appdata\local\temp\1vlt0pt2bsix4pjk2xhlfgz0s1b\dll-access.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6B6625A9-1426-45EE-BBEF-65140670AA79}C:\users\krecio\appdata\local\temp\1wluu4wjnupjbqvrlsevzciybtq\dll-propagation.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9808AC85-8C5A-4B77-9A77-E019DDDB205A}C:\users\krecio\appdata\local\temp\1wluu4wjnupjbqvrlsevzciybtq\dll-propagation.exe" => pomyślnie usunięto
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0 => pomyślnie usunięto
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0 => pomyślnie usunięto
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => pomyślnie usunięto
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => pomyślnie usunięto
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => pomyślnie usunięto
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => pomyślnie usunięto
HKU\S-1-5-21-3379895175-130336575-4072719351-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145} => pomyślnie usunięto
"HKU\S-1-5-21-3379895175-130336575-4072719351-1001\Software\Microsoft\Windows\CurrentVersion\Run\\electron.app.dllservices" => pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => pomyślnie usunięto
HKLM\Software\Wow6432Node\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => pomyślnie usunięto
HKLM\Software\Classes\PROTOCOLS\Handler\mso-minsb-roaming.16 => pomyślnie usunięto
HKLM\Software\Classes\PROTOCOLS\Handler\mso-minsb.16 => pomyślnie usunięto
HKLM\Software\Classes\PROTOCOLS\Handler\osf-roaming.16 => pomyślnie usunięto
HKLM\Software\Classes\PROTOCOLS\Handler\osf.16 => pomyślnie usunięto
HKLM\Software\Classes\PROTOCOLS\Filter\text/xml => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945} => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69212D94-6C55-4BC8-AE8D-73D17C7793C6}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1AF5639-5E2F-4A20-BB2C-862F8FDBCEE1}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2870BAF3-6516-48F9-AFD9-8DA41BBD5E55}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A1E2C06-C32F-4B6F-97CC-99192858F1FD}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE727D4D-DD57-4245-9CCF-4ECFF3697D78}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A8E1084-7458-429A-A33A-3E0CB090C27B}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{094DD7ED-B6C0-4E90-A6E5-28D80580D590}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E1A241A-60B3-4000-9986-97D92C7C3ACB}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D5593C14-2D25-4277-B93D-ECDE5CDB3BFE}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E09420A5-6383-4B04-90C4-FF4C43CE8FA4}D:\programy\steam\steamapps\common\red dead redemption 2\rdr2.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D3ADE794-06ED-4548-8F74-9F55BDD7A7C5}D:\programy\steam\steamapps\common\red dead redemption 2\rdr2.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F2282F34-0D45-4CCA-ADB2-71D71A59BBE7}C:\users\krecio\desktop\1401\windows\terrariaserver.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0C96C840-9076-43E7-AFCA-96C6BB4AD59E}C:\users\krecio\desktop\1401\windows\terrariaserver.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4D78AC55-6935-44D1-80DF-96E54D0FF348}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B080917-1BC1-4468-92BF-BFBB573F5F9C}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D0E1398-5690-4520-8BC6-E21DAD6D805E}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFF132B0-61C3-4675-AA50-B11C119D8F05}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A2924F68-5C27-47F6-88FE-CE53AECB5C40}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2217C5F2-8468-4964-9EE9-509F8C419D7D}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6E1F29BF-726D-443B-B71C-1364AF43558E}D:\gry\call of duty modern warfare\modernwarfare.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EAA9F56E-158E-4CAC-9BD7-8F283CB45B90}D:\gry\call of duty modern warfare\modernwarfare.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A9C71C52-B55B-4F4B-BFD6-858462F7A0EF}" => pomyślnie usunięto

==== Koniec  Fixlog 20:58:11 ====