Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 25-02-2025 Uruchomiony przez Józef (26-02-2025 11:42:21) Run:5 Uruchomiony z C:\Users\Józef\Desktop Załadowane profile: Józef & Administrator Tryb startu: Normal ============================================== fixlist - zawartość: ***************** Start:: CustomCLSID: HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> Brak ścieżki do pliku CustomCLSID: HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2023}\localserver32 -> Brak ścieżki do pliku CustomCLSID: HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => Brak pliku HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 0.0.0.0 gocart-web-prod-ue1-alb-1461435473.us-east-1.elb.amazonaws.com FirewallRules: [{A9E6D707-FEB2-404A-BAD5-7C636B68A2A5}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro 2022\Adobe Premiere Pro.exe => Brak pliku FirewallRules: [{CF5A466C-4D90-46E7-9B9F-CE3503A876FA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Brak pliku FirewallRules: [{225523CE-8BD4-469F-91F1-F016D789EF8D}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Brak pliku FirewallRules: [{57CF47C8-27BF-4E21-B152-E95A091BB3F7}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Brak pliku FirewallRules: [TCP Query User{D60AF70B-0908-41ED-A1E4-204E0351DD7A}C:\program files (x86)\bluestacks x\bluestacks x.exe] => (Block) C:\program files (x86)\bluestacks x\bluestacks x.exe => Brak pliku FirewallRules: [UDP Query User{E963C7AC-8850-4BBC-809F-2A1276C83F00}C:\program files (x86)\bluestacks x\bluestacks x.exe] => (Block) C:\program files (x86)\bluestacks x\bluestacks x.exe => Brak pliku FirewallRules: [TCP Query User{9BC44356-9A60-42A1-9ABB-2ABBE8037EC5}C:\users\józef\appdata\roaming\displaycal\dl\argyll_v2.3.1\bin\dispcal.exe] => (Allow) C:\users\józef\appdata\roaming\displaycal\dl\argyll_v2.3.1\bin\dispcal.exe => Brak pliku FirewallRules: [UDP Query User{0DF11502-802E-4464-9689-FFA48C706ECD}C:\users\józef\appdata\roaming\displaycal\dl\argyll_v2.3.1\bin\dispcal.exe] => (Allow) C:\users\józef\appdata\roaming\displaycal\dl\argyll_v2.3.1\bin\dispcal.exe => Brak pliku HKU\S-1-5-21-982215139-1930475818-4253747224-1001\...\MountPoints2: {3966a68f-68a6-11ed-890b-e695f09df888} - "G:\Autoplay.exe" -auto GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA Task: {3ED0111E-90B9-4EB9-BD66-CBD9882CE311} - System32\Tasks\AcrobatDriver_zR8EA => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start /min C:\Users\Public\OneDriveUpdate.vbs <==== UWAGA Task: {EB017B54-8E35-4C60-BCD3-7E74E2F61E1E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [2811264 2025-01-30] (Microsoft Windows -> Microsoft Corporation) Task: {0FFF7313-5341-4DEF-8D52-9C779AE7E5DC} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{13C692CE-1E48-41F4-AB7B-3959DBFB581F} => "C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe" --wake --system (Brak pliku) Task: {F286F697-4178-454D-91A2-6A8060077DF3} - System32\Tasks\GridinSoft Anti-Malware => "C:\Program Files\Gridinsoft Anti-Malware\gsam.exe" -startupscan (Brak pliku) Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (Brak pliku) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Brak pliku) S2 Adobe Elements 2023 Update Service; "C:\Program Files\Adobe\Elements 2023 Organizer\Adobe Elements 2023 Update Service.exe" [X] S3 MagicianSVC; "C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe" [X] S3 NDSPCIIO; \??\C:\WINDOWS\system32\DRIVERS\NDSPCIIO64.SYS [X] 2025-02-04 15:42 - 2025-02-04 18:24 - 000003646 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask CreateRestorePoint: EmptyTemp: End:: ***************** HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020} => pomyślnie usunięto HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2023} => pomyślnie usunięto HKU\S-1-5-21-982215139-1930475818-4253747224-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2} => pomyślnie usunięto HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => Wartość pomyślnie przywrócono 0.0.0.0 gocart-web-prod-ue1-alb-1461435473.us-east-1.elb.amazonaws.com => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia. "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A9E6D707-FEB2-404A-BAD5-7C636B68A2A5}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CF5A466C-4D90-46E7-9B9F-CE3503A876FA}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{225523CE-8BD4-469F-91F1-F016D789EF8D}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{57CF47C8-27BF-4E21-B152-E95A091BB3F7}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D60AF70B-0908-41ED-A1E4-204E0351DD7A}C:\program files (x86)\bluestacks x\bluestacks x.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E963C7AC-8850-4BBC-809F-2A1276C83F00}C:\program files (x86)\bluestacks x\bluestacks x.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9BC44356-9A60-42A1-9ABB-2ABBE8037EC5}C:\users\józef\appdata\roaming\displaycal\dl\argyll_v2.3.1\bin\dispcal.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0DF11502-802E-4464-9689-FFA48C706ECD}C:\users\józef\appdata\roaming\displaycal\dl\argyll_v2.3.1\bin\dispcal.exe" => pomyślnie usunięto HKU\S-1-5-21-982215139-1930475818-4253747224-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3966a68f-68a6-11ed-890b-e695f09df888} => pomyślnie usunięto "C:\WINDOWS\system32\GroupPolicy\Machine" Folder - przenoszenie: C:\WINDOWS\system32\GroupPolicy\Machine => pomyślnie przeniesiono C:\WINDOWS\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => pomyślnie przeniesiono C:\ProgramData\NTUSER.pol => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3ED0111E-90B9-4EB9-BD66-CBD9882CE311}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3ED0111E-90B9-4EB9-BD66-CBD9882CE311}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\AcrobatDriver_zR8EA => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcrobatDriver_zR8EA" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB017B54-8E35-4C60-BCD3-7E74E2F61E1E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB017B54-8E35-4C60-BCD3-7E74E2F61E1E}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateExplorerShellUnelevatedTask" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0FFF7313-5341-4DEF-8D52-9C779AE7E5DC}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FFF7313-5341-4DEF-8D52-9C779AE7E5DC}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{13C692CE-1E48-41F4-AB7B-3959DBFB581F} => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{13C692CE-1E48-41F4-AB7B-3959DBFB581F}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F286F697-4178-454D-91A2-6A8060077DF3}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F286F697-4178-454D-91A2-6A8060077DF3}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\GridinSoft Anti-Malware => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GridinSoft Anti-Malware" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => pomyślnie usunięto HKLM\System\CurrentControlSet\Services\Adobe Elements 2023 Update Service => pomyślnie usunięto Adobe Elements 2023 Update Service => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\MagicianSVC => pomyślnie usunięto MagicianSVC => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\NDSPCIIO => pomyślnie usunięto NDSPCIIO => serwis pomyślnie usunięto "C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask" => nie znaleziono Punkt przywracania został pomyślnie utworzony. =========== EmptyTemp: ========== FlushDNS => ukończone BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 182987560 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B Windows/system/drivers => 202209645 B Edge => 0 B Chrome => 1089902919 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 6144 B ProgramData => 6144 B Public => 6144 B systemprofile => 6144 B systemprofile32 => 6144 B LocalService => 221356 B NetworkService => 303700 B Józef => 670384387 B Administrator => 670395254 B RecycleBin => 0 B EmptyTemp: => 2.6 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 11:44:17 ====