Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 05-11-2023 02 Uruchomiony przez smako (29-11-2023 18:36:28) Run:1 Uruchomiony z C:\Users\smako\Desktop Załadowane profile: smako Tryb startu: Normal ============================================== fixlist - zawartość: ***************** SystemRestore: On CreateRestorePoint: CloseProcesses: EmptyTemp: HKLM-x32\...\Run: [Autodesk Desktop App] => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray (Brak pliku) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN (Brak pliku) HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Brak pliku) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Ograniczenia <==== UWAGA HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\...\Run: [Synapse3] => "C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe" /StartMinimized (Brak pliku) HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\...\Run: [rus.exe] => C:\Users\smako\AppData\Local\Temp\1000015051\rus.exe (Brak pliku) <==== UWAGA HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\...\Run: [foto3553.exe] => C:\Users\smako\AppData\Local\Temp\1000016051\foto3553.exe (Brak pliku) <==== UWAGA HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\...\Run: [nano.exe] => C:\Users\smako\AppData\Local\Temp\1000017051\nano.exe (Brak pliku) <==== UWAGA HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\...\Policies\Explorer: [] HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\...\MountPoints2: {66be007b-c865-11eb-b35c-a85e45c61f2f} - "E:\Install.exe" HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (Brak pliku) ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (Brak pliku) GroupPolicy: Ograniczenia - Windows Defender <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA Task: {5CFA333B-79B9-4C1E-B0A1-86D8C78C4EC0} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2023-08-01] (AVG Technologies USA, LLC -> AVG Technologies) Task: {0BEE1AED-740F-4AFC-A29F-364B31F261E1} - System32\Tasks\Firefox Default Browser Agent 9C7BCB68D982EE0A => C:\Users\smako\AppData\Roaming\vrvcwrc [97240 2023-09-18] (Microsoft Corporation -> Microsoft Corporation) <==== UWAGA Task: {D3AE2B0F-7C3A-469F-96AB-40131CA17486} - System32\Tasks\MATLAB R2022b Startup Accelerator => C:\Program Files\MATLAB\R2022b\bin\win64\MATLABStartupAccelerator.exe (Brak pliku) Task: {DA9B420C-AD81-42A6-B80C-C131BF17E329} - System32\Tasks\oneetx.exe => C:\Users\smako\AppData\Local\Temp\207aa4515d\oneetx.exe (Brak pliku) <==== UWAGA Task: {B066A85F-405D-4154-8DFF-2F6867E95D7C} - System32\Tasks\WindowsAppPool\yy5eRS7cA42d77F => C:\Users\smako\AppData\Local\Temp\yy5eRS7cA42d77F.exe (Brak pliku) <==== UWAGA Tcpip\..\Interfaces\{b9fc69cd-be21-486f-8798-e45ff68a4662}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{f2e5c56f-67e2-489c-9156-8170d1a6ceaf}: [DhcpNameServer] 192.168.0.1 S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X] C:\Users\smako\AppData\Roaming\tastria C:\Users\smako\AppData\Roaming\vrvcwrc CustomCLSID: HKU\S-1-5-21-1198729179-1031625994-2403384739-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe => Brak pliku CustomCLSID: HKU\S-1-5-21-1198729179-1031625994-2403384739-1001_Classes\CLSID\{4746B5E0-060B-9CAE-B25C-A34D24B22D21}\InprocServer32 -> C:\Program Files (x86)\Common Files\System\ole32.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1198729179-1031625994-2403384739-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe /Automation => Brak pliku CustomCLSID: HKU\S-1-5-21-1198729179-1031625994-2403384739-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\smako\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1198729179-1031625994-2403384739-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\pl-PL\acadficn.dll => Brak pliku RemoveProxy: Hosts: ***************** SystemRestore: On => ukończone Punkt przywracania został pomyślnie utworzony. Procesy zostały pomyślnie zamknięte. "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Autodesk Desktop App" => pomyślnie usunięto "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BrStsMon00" => pomyślnie usunięto "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TeamsMachineUninstallerProgramData" => pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => pomyślnie usunięto HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => pomyślnie usunięto HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center => pomyślnie usunięto "HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Synapse3" => pomyślnie usunięto "HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => pomyślnie usunięto "HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\Software\Microsoft\Windows\CurrentVersion\Run\\rus.exe" => pomyślnie usunięto "HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\Software\Microsoft\Windows\CurrentVersion\Run\\foto3553.exe" => pomyślnie usunięto "HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\Software\Microsoft\Windows\CurrentVersion\Run\\nano.exe" => pomyślnie usunięto "HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => pomyślnie usunięto HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66be007b-c865-11eb-b35c-a85e45c61f2f} => pomyślnie usunięto "HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Synapse3" => pomyślnie usunięto "C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe" => nie znaleziono "C:\WINDOWS\system32\GroupPolicy\Machine" folder - przenoszenie: C:\WINDOWS\system32\GroupPolicy\Machine => pomyślnie przeniesiono C:\WINDOWS\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono C:\ProgramData\NTUSER.pol => pomyślnie przeniesiono HKLM\SOFTWARE\Policies\Mozilla => pomyślnie usunięto HKLM\SOFTWARE\Policies\Google => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5CFA333B-79B9-4C1E-B0A1-86D8C78C4EC0}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CFA333B-79B9-4C1E-B0A1-86D8C78C4EC0}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\AVG\Overseer => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0BEE1AED-740F-4AFC-A29F-364B31F261E1}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BEE1AED-740F-4AFC-A29F-364B31F261E1}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Firefox Default Browser Agent 9C7BCB68D982EE0A => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Firefox Default Browser Agent 9C7BCB68D982EE0A" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D3AE2B0F-7C3A-469F-96AB-40131CA17486}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3AE2B0F-7C3A-469F-96AB-40131CA17486}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\MATLAB R2022b Startup Accelerator => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MATLAB R2022b Startup Accelerator" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA9B420C-AD81-42A6-B80C-C131BF17E329}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA9B420C-AD81-42A6-B80C-C131BF17E329}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\oneetx.exe => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\oneetx.exe" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B066A85F-405D-4154-8DFF-2F6867E95D7C}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B066A85F-405D-4154-8DFF-2F6867E95D7C}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\WindowsAppPool\yy5eRS7cA42d77F => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsAppPool\yy5eRS7cA42d77F" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b9fc69cd-be21-486f-8798-e45ff68a4662}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f2e5c56f-67e2-489c-9156-8170d1a6ceaf}\\DhcpNameServer" => pomyślnie usunięto HKLM\System\CurrentControlSet\Services\nvvad_WaveExtensible => pomyślnie usunięto nvvad_WaveExtensible => serwis pomyślnie usunięto C:\Users\smako\AppData\Roaming\tastria => pomyślnie przeniesiono C:\Users\smako\AppData\Roaming\vrvcwrc => pomyślnie przeniesiono HKU\S-1-5-21-1198729179-1031625994-2403384739-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8} => pomyślnie usunięto HKU\S-1-5-21-1198729179-1031625994-2403384739-1001_Classes\CLSID\{4746B5E0-060B-9CAE-B25C-A34D24B22D21} => pomyślnie usunięto HKU\S-1-5-21-1198729179-1031625994-2403384739-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3} => pomyślnie usunięto HKU\S-1-5-21-1198729179-1031625994-2403384739-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => pomyślnie usunięto HKU\S-1-5-21-1198729179-1031625994-2403384739-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005} => pomyślnie usunięto ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto "HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\S-1-5-21-1198729179-1031625994-2403384739-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto ========= Koniec RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono Hosts pomyślnie przywrócono. =========== EmptyTemp: ========== FlushDNS => ukończone BITS transfer queue => 1572864 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 258051799 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1307339165 B