Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 10-04-2021 Uruchomiony przez Konrad Paluszek (11-04-2021 13:57:01) Run:2 Uruchomiony z F:\Instalki\Farbar Recovery Scan Tool Załadowane profile: Konrad Paluszek Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: EmptyTemp: HKLM-x32\...\Run: [] => [X] HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\Policies\Explorer: [NoRecentDocsNetHood] 1 HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\Policies\Explorer: [NoRecentDocsHistory] 1 HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\Policies\Explorer: [NoRecentDocsMenu] 1 HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\Policies\Explorer: [NoSecurityTab] 1 GroupPolicy: Ograniczenia ? <==== UWAGA GroupPolicy\User: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA Task: {3D28B182-45AA-4523-BDA0-B72AFBC906AE} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\8.4.0\Scheduler.exe [156696 2021-03-29] (IObit CO., LTD -> IObit) Task: {763C037E-B8F3-465E-BE56-4CEF15870843} - \Microsoft\Windows\Google\GoogleUpdateTaskMachineRO -> Brak pliku <==== UWAGA Task: {7FAEEBCC-E25D-4720-96EA-3F7E3BF84099} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\8.4.0\AutoUpdate.exe [2285592 2021-03-31] (IObit CO., LTD -> IObit) Task: {BCCC1D77-8655-4560-AE01-C0BA40BE4A11} - System32\Tasks\Software Updater SkipUAC(Konrad Paluszek) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit) <==== UWAGA Task: {D307B2B6-3007-4C03-892B-A38FD0BC2F5A} - System32\Tasks\Driver Booster SkipUAC (Konrad Paluszek) => C:\Program Files (x86)\IObit\Driver Booster\8.4.0\DriverBooster.exe [8242200 2021-04-02] (IObit CO., LTD -> IObit) [Brak podpisu cyfrowego] Task: {D58126C7-0B57-4E8E-B505-BFFC5C723437} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1789200 2020-06-30] (IObit Information Technology -> IObit Software updater) <==== UWAGA Task: {FF08C86E-A9C1-4A55-9D52-04D4080FEC0F} - System32\Tasks\Odkurzacz => C:\Program Files (x86)\Odkurzacz\odkurzacz.exe [1069056 2019-05-21] (FranmoSoftware) [Brak podpisu cyfrowego] Tcpip\..\Interfaces\{aabbd025-2153-4bab-84b5-034d1d2538df}: [NameServer] 194.204.152.34,194.204.159.1 Tcpip\..\Interfaces\{aabbd025-2153-4bab-84b5-034d1d2538df}: [DhcpNameServer] 192.168.1.1 FF Plugin HKU\S-1-5-21-1885980802-37223428-1519408807-500: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark\nplightsparkplugin.dll [Brak pliku] CHR DefaultSearchURL: Default -> hxxps://search.videodownloaderpremium.com/query?q={searchTerms}&v=1.0.3.2 CHR DefaultSearchKeyword: Default -> Videodownloaderpremium CHR DefaultSuggestURL: Default -> hxxps://search.videodownloaderpremium.com/suggestion?q={searchTerms} S3 libusb0; system32\drivers\libusb0.sys [X] 2021-04-11 07:55 - 2021-04-11 08:02 - 000000151 _____ C:\WINDOWS\restoro.ini 2021-04-11 07:44 - 2021-04-11 11:16 - 000000140 _____ C:\WINDOWS\Reimage.ini 2021-04-10 15:21 - 2021-04-10 15:21 - 000000008 __RSH C:\ProgramData\ntuser.pol 2020-03-18 11:31 - 2020-03-18 11:32 - 001564784 _____ () C:\Users\Administrator\AppData\Roaming\AvidApplicationManager_Install.log 2019-05-21 12:14 - 2019-05-21 12:14 - 000230590 _____ () C:\Users\Administrator\AppData\Roaming\AvidLicenseControl_Install.log 2020-08-13 20:38 - 2020-08-18 08:23 - 000001042 _____ () C:\Users\Administrator\AppData\Roaming\coreavc.ini 2019-05-21 12:31 - 2019-05-21 12:31 - 000099384 _____ () C:\Users\Administrator\AppData\Roaming\inst.exe 2019-05-21 12:31 - 2019-05-21 12:31 - 000007859 _____ () C:\Users\Administrator\AppData\Roaming\pcouffin.cat 2019-05-21 12:31 - 2019-05-21 12:31 - 000001167 _____ () C:\Users\Administrator\AppData\Roaming\pcouffin.inf 2019-05-21 12:31 - 2019-05-21 12:31 - 000082816 _____ (VSO Software) C:\Users\Administrator\AppData\Roaming\pcouffin.sys 2020-02-24 19:09 - 2021-02-28 18:32 - 000003584 _____ () C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-05-23 19:23 - 2019-05-23 19:23 - 000000000 _____ () C:\Users\Administrator\AppData\Local\oobelibMkey.log 2019-10-02 08:43 - 2019-10-02 08:43 - 000000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg FCheck: C:\WINDOWS\SysWOW64\mp4norm.dll [2021-04-10] <==== UWAGA (zerobajtowy plik/folder) AlternateDataStreams: C:\WINDOWS\SysWOW64\mp4norm.dll:ExtraData [15] AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [127] HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.o2.pl/ IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\download.microsoft.com -> hxxp://download.microsoft.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\microsoft.com -> hxxp://ntservicepack.microsoft.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\update.microsoft.com -> hxxp://update.microsoft.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\update.microsoft.com -> hxxps://update.microsoft.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\windows.com -> hxxp://wustat.windows.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\windowsupdate.com -> hxxp://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\windowsupdate.com -> hxxps://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\ws.microsoft.com -> hxxp://ws.microsoft.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\ws.microsoft.com -> hxxps://ws.microsoft.com IE trusted site: HKU\S-1-5-21-1885980802-37223428-1519408807-500\...\wustat.windows.com -> hxxp://wustat.windows.com RemoveProxy: Hosts: StartRegedit: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv] "ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\ 74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\ 00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\ 6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc] "Start"=dword:00000002 "ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\ 00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\ 6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\ 00,65,00,4e,00,6f,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mpsdrv\Enum] "0"="Root\\LEGACY_MPSDRV\\0000" "Count"=dword:00000001 "NextInstance"=dword:00000001 EndRegedit: CMD: sc config wuauserv start= delayed-auto ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => nie znaleziono "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\GrpConv" => nie znaleziono HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => pomyślnie usunięto "HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRecentDocsNetHood" => nie znaleziono "HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRecentDocsHistory" => nie znaleziono "HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRecentDocsMenu" => nie znaleziono "HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSecurityTab" => nie znaleziono "C:\WINDOWS\system32\GroupPolicy\Machine" => nie znaleziono "C:\WINDOWS\system32\GroupPolicy\User" => nie znaleziono "C:\ProgramData\NTUSER.pol" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D28B182-45AA-4523-BDA0-B72AFBC906AE}" => nie znaleziono "C:\WINDOWS\System32\Tasks\Driver Booster Scheduler" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{763C037E-B8F3-465E-BE56-4CEF15870843}" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Google\GoogleUpdateTaskMachineRO" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FAEEBCC-E25D-4720-96EA-3F7E3BF84099}" => nie znaleziono "C:\WINDOWS\System32\Tasks\Driver Booster Update" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCCC1D77-8655-4560-AE01-C0BA40BE4A11}" => nie znaleziono "C:\WINDOWS\System32\Tasks\Software Updater SkipUAC(Konrad Paluszek)" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater SkipUAC(Konrad Paluszek)" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D307B2B6-3007-4C03-892B-A38FD0BC2F5A}" => nie znaleziono "C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Konrad Paluszek)" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Konrad Paluszek)" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D58126C7-0B57-4E8E-B505-BFFC5C723437}" => nie znaleziono "C:\WINDOWS\System32\Tasks\Software Updater Scheduler" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater Scheduler" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF08C86E-A9C1-4A55-9D52-04D4080FEC0F}" => nie znaleziono "C:\WINDOWS\System32\Tasks\Odkurzacz" => nie znaleziono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Odkurzacz" => nie znaleziono "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{aabbd025-2153-4bab-84b5-034d1d2538df}\\NameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{aabbd025-2153-4bab-84b5-034d1d2538df}\\DhcpNameServer" => pomyślnie usunięto HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1 => nie znaleziono "C:\Program Files (x86)\Lightspark\nplightsparkplugin.dll" => nie znaleziono "Chrome DefaultSearchURL" => nie znaleziono "Chrome DefaultSearchKeyword" => nie znaleziono "Chrome DefaultSuggestURL" => nie znaleziono libusb0 => serwis nie znaleziono. "C:\WINDOWS\restoro.ini" => nie znaleziono "C:\WINDOWS\Reimage.ini" => nie znaleziono "C:\ProgramData\ntuser.pol" => nie znaleziono "C:\Users\Administrator\AppData\Roaming\AvidApplicationManager_Install.log" => nie znaleziono "C:\Users\Administrator\AppData\Roaming\AvidLicenseControl_Install.log" => nie znaleziono "C:\Users\Administrator\AppData\Roaming\coreavc.ini" => nie znaleziono "C:\Users\Administrator\AppData\Roaming\inst.exe" => nie znaleziono "C:\Users\Administrator\AppData\Roaming\pcouffin.cat" => nie znaleziono "C:\Users\Administrator\AppData\Roaming\pcouffin.inf" => nie znaleziono "C:\Users\Administrator\AppData\Roaming\pcouffin.sys" => nie znaleziono "C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => nie znaleziono "C:\Users\Administrator\AppData\Local\oobelibMkey.log" => nie znaleziono "C:\Users\Administrator\AppData\Local\resmon.resmoncfg" => nie znaleziono "C:\WINDOWS\SysWOW64\mp4norm.dll" => nie znaleziono "C:\WINDOWS\SysWOW64\mp4norm.dll" => ":ExtraData" ADS nie znaleziono. "C:\ProgramData\TEMP" => ":1AAB2E68" ADS nie znaleziono. HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download.microsoft.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download.windowsupdate.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download.windowsupdate.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ntservicepack.microsoft.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\update.microsoft.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\update.microsoft.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windows.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windowsupdate.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windowsupdate.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windowsupdate.microsoft.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ws.microsoft.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ws.microsoft.com => nie znaleziono HKU\S-1-5-21-1885980802-37223428-1519408807-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\wustat.windows.com => nie znaleziono ========= RemoveProxy: ========= "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\S-1-5-21-1885980802-37223428-1519408807-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\S-1-5-21-1885980802-37223428-1519408807-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto ========= Koniec RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono Hosts pomyślnie przywrócono. Rejestr ====> Operacja uko�czona pomy�lnie. ========= sc config wuauserv start= delayed-auto ========= [SC] OpenService FAILED 5: Odmowa dost©pu. ========= Koniec CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 11296768 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8661007 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 391018 B Edge => 0 B Chrome => 16678410 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 1534 B Administrator => 385293 B RecycleBin => 0 B EmptyTemp: => 35.7 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 13:57:12 ====