Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 09-09-2024
Uruchomiony przez Admin (09-09-2024 23:58:21) Run:1
Uruchomiony z C:\Users\Admin\Downloads
Załadowane profile: Admin
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
START::
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSC Game World\S.T.A.L.K.E.R. - Shadow of Chernobyl\Kod odblokowujący.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSC Game World\S.T.A.L.K.E.R. - Shadow of Chernobyl\Pokaż ReadMe.txt.lnk
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA
HKU\S-1-5-21-1387036239-2962875848-3040863821-1001\...\Run: [YandexDisk2] => C:\Users\Admin\AppData\Roaming\Yandex\YandexDisk2\3.2.34.4962\YandexDisk2.exe -autostart (Brak pliku)
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
S2 AvastWscReporter; "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
U1 aswbdisk; Brak ImagePath
CustomCLSID: HKU\S-1-5-21-1387036239-2962875848-3040863821-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1387036239-2962875848-3040863821-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => Brak pliku
CustomCLSID: HKU\S-1-5-21-1387036239-2962875848-3040863821-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1387036239-2962875848-3040863821-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1387036239-2962875848-3040863821-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\FileCoAuth.exe => Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Brak pliku
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Деинсталлировать Telegram.lnk
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhjkhkjq [0]
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyqfh [0]
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`vovtfe.qpsu.obnfjhjkhkjq [0]
FirewallRules: [{F19527A8-1CF4-4030-99CC-32EB9C930353}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
FirewallRules: [{20F5A9D8-58F6-4402-B98A-71B4E95530FC}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
FirewallRules: [TCP Query User{BE1FE955-CC0E-4D87-B0E3-45ADB6994ACD}C:\users\admin\documents\m\aria2c.exe] => (Allow) C:\users\admin\documents\m\aria2c.exe => Brak pliku
FirewallRules: [UDP Query User{872CACBD-9D9C-4855-B0FB-8958A7EE9F62}C:\users\admin\documents\m\aria2c.exe] => (Allow) C:\users\admin\documents\m\aria2c.exe => Brak pliku
FirewallRules: [{6125EC37-F4E3-4B4C-A6CE-E8244FB191A6}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\RM.exe => Brak pliku
FirewallRules: [{F28C2BC4-0A5A-4A7C-B4D1-00526E7E3C2B}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\RM.exe => Brak pliku
FirewallRules: [{F9494113-920D-44B5-9914-139F7BB865B1}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\NGStudio.exe => Brak pliku
FirewallRules: [{3B2E0EC3-D9EB-4023-AE2F-CB692C65BA86}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\NGStudio.exe => Brak pliku
FirewallRules: [{62D3AD42-5726-489C-9440-F1ED5DFC44C9}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\UMI.exe => Brak pliku
FirewallRules: [{AB89F110-CA37-4E0F-BB2A-BD44CC01AEDD}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\UMI.exe => Brak pliku
FirewallRules: [TCP Query User{AC0A570C-1E6D-4538-9091-77CCDD99CD82}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Brak pliku
FirewallRules: [UDP Query User{DFD28CC9-03EE-4422-8C27-FE3163810BDC}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Brak pliku
FirewallRules: [TCP Query User{81D57D8E-DA49-4CCB-A3EE-5DE437753A6D}C:\users\admin\documents\maszyna\aria2c.exe] => (Allow) C:\users\admin\documents\maszyna\aria2c.exe => Brak pliku
FirewallRules: [UDP Query User{84BDCF5F-5612-4F84-9B9F-7D2A34077EC5}C:\users\admin\documents\maszyna\aria2c.exe] => (Allow) C:\users\admin\documents\maszyna\aria2c.exe => Brak pliku
END::
*****************

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSC Game World\S.T.A.L.K.E.R. - Shadow of Chernobyl\Kod odblokowujący.lnk => pomyślnie przeniesiono
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSC Game World\S.T.A.L.K.E.R. - Shadow of Chernobyl\Pokaż ReadMe.txt.lnk => pomyślnie przeniesiono
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk => pomyślnie przeniesiono
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => pomyślnie usunięto
"HKU\S-1-5-21-1387036239-2962875848-3040863821-1001\Software\Microsoft\Windows\CurrentVersion\Run\\YandexDisk2" => pomyślnie usunięto

"C:\Windows\system32\GroupPolicy\Machine" Folder - przenoszenie:

C:\Windows\system32\GroupPolicy\Machine => pomyślnie przeniesiono
C:\Windows\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
C:\ProgramData\NTUSER.pol => pomyślnie przeniesiono
HKLM\SOFTWARE\Policies\Mozilla => pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\AvastWscReporter => pomyślnie usunięto
AvastWscReporter => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\aswbdisk => pomyślnie usunięto
aswbdisk => serwis pomyślnie usunięto
HKU\S-1-5-21-1387036239-2962875848-3040863821-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => pomyślnie usunięto
HKU\S-1-5-21-1387036239-2962875848-3040863821-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000} => pomyślnie usunięto
HKU\S-1-5-21-1387036239-2962875848-3040863821-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => pomyślnie usunięto
HKU\S-1-5-21-1387036239-2962875848-3040863821-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => pomyślnie usunięto
HKU\S-1-5-21-1387036239-2962875848-3040863821-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2} => pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => pomyślnie usunięto
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => pomyślnie usunięto
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => pomyślnie usunięto
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => pomyślnie usunięto
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => pomyślnie usunięto
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => pomyślnie usunięto
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => pomyślnie usunięto
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => pomyślnie usunięto
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Деинсталлировать Telegram.lnk => pomyślnie przeniesiono
C:\ProgramData\Reprise => ":jhqduwvxlctbqqijsf`usjbm`pgyjhjkhkjq" ADS pomyślnie usunięto
C:\ProgramData\Reprise => ":jhqduwvxlctbqqijsf`usjbm`pgyqfh" ADS pomyślnie usunięto
C:\ProgramData\Reprise => ":jhqduwvxlctbqqijsf`usjbm`vovtfe.qpsu.obnfjhjkhkjq" ADS pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F19527A8-1CF4-4030-99CC-32EB9C930353}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20F5A9D8-58F6-4402-B98A-71B4E95530FC}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BE1FE955-CC0E-4D87-B0E3-45ADB6994ACD}C:\users\admin\documents\m\aria2c.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{872CACBD-9D9C-4855-B0FB-8958A7EE9F62}C:\users\admin\documents\m\aria2c.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6125EC37-F4E3-4B4C-A6CE-E8244FB191A6}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F28C2BC4-0A5A-4A7C-B4D1-00526E7E3C2B}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F9494113-920D-44B5-9914-139F7BB865B1}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B2E0EC3-D9EB-4023-AE2F-CB692C65BA86}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{62D3AD42-5726-489C-9440-F1ED5DFC44C9}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB89F110-CA37-4E0F-BB2A-BD44CC01AEDD}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AC0A570C-1E6D-4538-9091-77CCDD99CD82}C:\program files (x86)\synology\assistant\dsassistant.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DFD28CC9-03EE-4422-8C27-FE3163810BDC}C:\program files (x86)\synology\assistant\dsassistant.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{81D57D8E-DA49-4CCB-A3EE-5DE437753A6D}C:\users\admin\documents\maszyna\aria2c.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{84BDCF5F-5612-4F84-9B9F-7D2A34077EC5}C:\users\admin\documents\maszyna\aria2c.exe" => pomyślnie usunięto


System wymagał restartu.

==== Koniec  Fixlog 23:58:22 ====