Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 06.04.2024 Uruchomiony przez buli1 (09-04-2024 17:50:06) Run:1 Uruchomiony z C:\Users\buli1\Downloads Załadowane profile: buli1 Tryb startu: Normal ============================================== fixlist - zawartość: ***************** START:: CustomCLSID: HKU\S-1-5-21-3812395886-3388902121-4124880555-1001_Classes\CLSID\{5C4D8D77-5B87-40CA-884E-F56858227E5C}\localserver32 -> C:\Users\buli1\AppData\Local\Programs\TeamSpeak\notification_helper.exe => Brak pliku AlternateDataStreams: C:\Users\buli1\AppData\Local\Temp:$DATA [16] HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ FirewallRules: [{5D65033B-F300-43A0-95A6-C1945B17C832}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [{79BD4859-A91E-4334-A5A9-048B1788F741}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [{4001D0D7-4090-483C-8D03-FD8DDADD3B37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Brak pliku FirewallRules: [{C71060FE-7B43-4218-A571-43A00FF4EFC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Brak pliku FirewallRules: [{025385EE-D986-4AA7-93B3-5534EDB7AD59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [{D45CE505-F07E-4761-A659-AC49833184CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [{D63AB65C-703A-4CD9-9C43-78E64EBA8797}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [{AF9EE092-9A80-4D81-96E4-4CDE770FFBFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [TCP Query User{2DC352DC-2E56-40D5-AD94-573C8BDA4401}C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe => Brak pliku FirewallRules: [UDP Query User{14A5463A-B9A0-4AFE-A279-991BEE8D868F}C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe => Brak pliku FirewallRules: [{9D232492-CC63-4619-912B-71FAF0BFD4AC}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe => Brak pliku FirewallRules: [{289AF3FC-DD06-40FE-B71C-3830FB3F29D5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => Brak pliku FirewallRules: [{5F6A6150-F97F-4BBB-9FD6-73F60CA6C618}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => Brak pliku FirewallRules: [{27EECC7A-E115-4723-B191-2BC9EFC5FF52}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => Brak pliku FirewallRules: [{5647E612-B2F0-475D-B404-BC8177492501}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => Brak pliku FirewallRules: [{87041ED2-B239-4C30-831C-FBDF491A6907}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => Brak pliku FirewallRules: [{E8D794A6-A9E2-4C80-A819-2D02E61934BA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => Brak pliku FirewallRules: [{70E6862A-2B1C-4CF8-9D3F-033C5785C862}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => Brak pliku FirewallRules: [{3C0323A6-C703-48CC-83BD-2A241DDFDD4D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => Brak pliku FirewallRules: [{D2E66137-C634-4231-AD20-8799DDF358AC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe => Brak pliku C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\App Recovery.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\EA Error Reporter.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\EA Updater.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\EA.lnk HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\...\Run: [EADM] => "C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe" -silent (Brak pliku) Task: {3693B61E-99F5-4CDC-A229-3A7FDE5AF24F} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (Brak pliku) Task: {A002FFF2-0881-4DA8-B4A9-000B50529C34} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Brak pliku) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Brak pliku) Task: {E15EC6E8-A9FD-4F6C-8A62-DBC00BCFE40E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (Brak pliku) Task: {B85BDF8A-C319-47CD-950F-B2E0E0E84582} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Brak pliku) Task: {26AF7998-3CC6-4669-9868-94C12A51EEA0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Brak pliku) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Brak pliku) Task: {1E4021B3-796F-4D95-94B0-7325E7A97898} - System32\Tasks\OneNote 45756 => C:\Users\buli1\AppData\Roaming\strt.cmd -> <==== UWAGA S3 HWiNFO_191; C:\Users\buli1\AppData\Local\Temp\HWiNFO64A_191.SYS [57936 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== UWAGA S3 R0SteelSeriesSystemMonitor; \??\C:\ProgramData\SteelSeries\GG\apps\engine\engineApps\system-stats\SteelSeriesSystemMonitor.sys [X] S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] CreateRestorePoint: EmptyTemp: END:: ***************** HKU\S-1-5-21-3812395886-3388902121-4124880555-1001_Classes\CLSID\{5C4D8D77-5B87-40CA-884E-F56858227E5C} => pomyślnie usunięto C:\Users\buli1\AppData\Local\Temp => ":$DATA" ADS niepowodzenie przy usuwaniu. "HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D65033B-F300-43A0-95A6-C1945B17C832}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{79BD4859-A91E-4334-A5A9-048B1788F741}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4001D0D7-4090-483C-8D03-FD8DDADD3B37}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C71060FE-7B43-4218-A571-43A00FF4EFC1}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{025385EE-D986-4AA7-93B3-5534EDB7AD59}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D45CE505-F07E-4761-A659-AC49833184CF}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D63AB65C-703A-4CD9-9C43-78E64EBA8797}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF9EE092-9A80-4D81-96E4-4CDE770FFBFD}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2DC352DC-2E56-40D5-AD94-573C8BDA4401}C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{14A5463A-B9A0-4AFE-A279-991BEE8D868F}C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D232492-CC63-4619-912B-71FAF0BFD4AC}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{289AF3FC-DD06-40FE-B71C-3830FB3F29D5}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F6A6150-F97F-4BBB-9FD6-73F60CA6C618}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{27EECC7A-E115-4723-B191-2BC9EFC5FF52}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5647E612-B2F0-475D-B404-BC8177492501}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87041ED2-B239-4C30-831C-FBDF491A6907}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E8D794A6-A9E2-4C80-A819-2D02E61934BA}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70E6862A-2B1C-4CF8-9D3F-033C5785C862}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C0323A6-C703-48CC-83BD-2A241DDFDD4D}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D2E66137-C634-4231-AD20-8799DDF358AC}" => pomyślnie usunięto C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\App Recovery.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\EA Error Reporter.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\EA Updater.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\EA.lnk => pomyślnie przeniesiono "HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => pomyślnie usunięto "HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EADM" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3693B61E-99F5-4CDC-A229-3A7FDE5AF24F}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3693B61E-99F5-4CDC-A229-3A7FDE5AF24F}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\NotificationCenter" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A002FFF2-0881-4DA8-B4A9-000B50529C34}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A002FFF2-0881-4DA8-B4A9-000B50529C34}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E15EC6E8-A9FD-4F6C-8A62-DBC00BCFE40E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E15EC6E8-A9FD-4F6C-8A62-DBC00BCFE40E}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B85BDF8A-C319-47CD-950F-B2E0E0E84582}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B85BDF8A-C319-47CD-950F-B2E0E0E84582}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26AF7998-3CC6-4669-9868-94C12A51EEA0}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26AF7998-3CC6-4669-9868-94C12A51EEA0}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E4021B3-796F-4D95-94B0-7325E7A97898}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E4021B3-796F-4D95-94B0-7325E7A97898}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\OneNote 45756 => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneNote 45756" => pomyślnie usunięto HKLM\System\CurrentControlSet\Services\HWiNFO_191 => pomyślnie usunięto HWiNFO_191 => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\R0SteelSeriesSystemMonitor => pomyślnie usunięto R0SteelSeriesSystemMonitor => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\WinSetupMon => pomyślnie usunięto WinSetupMon => serwis pomyślnie usunięto Punkt przywracania został pomyślnie utworzony. =========== EmptyTemp: ========== FlushDNS => ukończone BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39284699 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 736090115 B Windows/system/drivers => 235415216 B Edge => 0 B Chrome => 436680068 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 62286 B NetworkService => 149156 B buli1 => 256827832 B RecycleBin => 0 B EmptyTemp: => 1.6 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 17:50:25 ====