Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 22-03-2020
Uruchomiony przez Mateusz (24-03-2020 21:41:47) Run:1
Uruchomiony z C:\Users\Mateusz\Desktop
Załadowane profile: Mateusz (Dostępne profile: Mateusz)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
EmptyTemp:
VirusTotal: C:\WINDOWS\system32\Drivers\sptd2.sys
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-4188864978-2593666476-2013390648-1001\...\MountPoints2: {5880d5a3-6c76-11ea-97af-309c238354f9} - "G:\SETUP.EXE"
Tcpip\..\Interfaces\{0a3992e1-f294-4f90-a645-9d29505c4283}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1fdf4bed-bd64-4da8-b9d5-cf325d452c67}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d39b33f3-00d8-4203-bbe2-c92de7f1228a}: [DhcpNameServer] 172.20.10.1
CHR DefaultSearchURL: Default -> hxxps://pl.search.yahoo.com/search?fr=mcafee_uninternational&type=E210PL91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
2020-03-22 20:51 - 2020-03-23 22:51 - 000000000 ____D C:\Users\Mateusz\AppData\Local\luminati
2020-03-22 20:51 - 2020-03-23 22:51 - 000000000 ____D C:\Program Files (x86)\Alcohol Soft
2020-03-22 20:51 - 2020-03-22 20:51 - 000000000 ____D C:\WINDOWS\SysWOW64\luminati
2020-03-22 20:51 - 2020-03-22 20:51 - 000000000 ____D C:\Users\Mateusz\Documents\Alcohol 120%
2020-03-22 20:51 - 2020-03-22 20:51 - 000000000 ____D C:\ProgramData\Alcohol Soft
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
AlternateDataStreams: C:\Users\Mateusz\Dane aplikacji:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Mateusz\ntuser.ini:NTV [11550]
AlternateDataStreams: C:\Users\Mateusz\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
FirewallRules: [UDP Query User{EBC15A12-650C-4825-AD47-8EFCEC08950B}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe Brak pliku
FirewallRules: [TCP Query User{C5FF2165-0D5B-4509-93B0-51BBE95EFBCD}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe Brak pliku
FirewallRules: [{888AFA79-8CCD-4605-8D46-0E19AF76EB3E}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe Brak pliku
FirewallRules: [{3D1B726C-A640-4C22-B56A-AF9285AC9EC7}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe Brak pliku
FirewallRules: [{39316F29-45EE-48D8-81EE-0345A317FF0B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku
FirewallRules: [{9E7D0493-A09C-4247-9547-DC5748494211}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku
FirewallRules: [TCP Query User{30DEB08B-1902-4861-BE98-62F2ADA9938A}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe Brak pliku
FirewallRules: [UDP Query User{98922ECE-B8BA-433D-A6B4-076E36151DD7}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe Brak pliku
FirewallRules: [TCP Query User{1F59F41A-BE76-4406-AFA2-05E2982FF9CD}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe Brak pliku
FirewallRules: [UDP Query User{1DAE0C71-E78E-4E24-B9F1-A72B6E2F15A2}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe Brak pliku
RemoveProxy:
Hosts:
StartBatch:
cd C:\WINDOWS\system32\config\systemprofile\AppData\Local
mkdir TileDataLayer
cd TileDataLayer
mkdir Database
EndBatch:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
VirusTotal: C:\WINDOWS\system32\Drivers\sptd2.sys => https://www.virustotal.com/file/50d636118b0a5e678313835526f450d20091af289e412045d6d8e28dd72b1861/analysis/1572885497/
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => pomyślnie usunięto
HKU\S-1-5-21-4188864978-2593666476-2013390648-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5880d5a3-6c76-11ea-97af-309c238354f9} => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0a3992e1-f294-4f90-a645-9d29505c4283}\\DhcpNameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1fdf4bed-bd64-4da8-b9d5-cf325d452c67}\\DhcpNameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d39b33f3-00d8-4203-bbe2-c92de7f1228a}\\DhcpNameServer" => pomyślnie usunięto
"Chrome DefaultSearchURL" => pomyślnie usunięto
"Chrome DefaultSearchKeyword" => pomyślnie usunięto
C:\Users\Mateusz\AppData\Local\luminati => pomyślnie przeniesiono
C:\Program Files (x86)\Alcohol Soft => pomyślnie przeniesiono
C:\WINDOWS\SysWOW64\luminati => pomyślnie przeniesiono
C:\Users\Mateusz\Documents\Alcohol 120% => pomyślnie przeniesiono
C:\ProgramData\Alcohol Soft => pomyślnie przeniesiono
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => pomyślnie usunięto
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => pomyślnie usunięto
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => pomyślnie usunięto
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => pomyślnie usunięto
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => pomyślnie usunięto
C:\Users\Mateusz\Dane aplikacji => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS pomyślnie usunięto
C:\Users\Mateusz\ntuser.ini => ":NTV" ADS pomyślnie usunięto
"C:\Users\Mateusz\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS nie znaleziono.
C:\Users\Public\Shared Files => ":VersionCache" ADS pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EBC15A12-650C-4825-AD47-8EFCEC08950B}C:\riot games\league of legends\game\league of legends.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C5FF2165-0D5B-4509-93B0-51BBE95EFBCD}C:\riot games\league of legends\game\league of legends.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{888AFA79-8CCD-4605-8D46-0E19AF76EB3E}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D1B726C-A640-4C22-B56A-AF9285AC9EC7}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{39316F29-45EE-48D8-81EE-0345A317FF0B}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E7D0493-A09C-4247-9547-DC5748494211}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30DEB08B-1902-4861-BE98-62F2ADA9938A}C:\program files\lghub\lghub_agent.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{98922ECE-B8BA-433D-A6B4-076E36151DD7}C:\program files\lghub\lghub_agent.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1F59F41A-BE76-4406-AFA2-05E2982FF9CD}C:\program files\lghub\lghub_agent.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1DAE0C71-E78E-4E24-B9F1-A72B6E2F15A2}C:\program files\lghub\lghub_agent.exe" => pomyślnie usunięto

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto
"HKU\S-1-5-21-4188864978-2593666476-2013390648-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto
"HKU\S-1-5-21-4188864978-2593666476-2013390648-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto

========= Koniec RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono
Hosts pomyślnie przywrócono.

========= Batch: =========

========= Koniec Batch: =========

=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32164660 B
Java, Flash, Steam htmlcache => 205681272 B
Windows/system/drivers => 8840530 B
Edge => 6963647 B
Chrome => 329750640 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 85864 B
NetworkService => 175396 B
Mateusz => 78330845 B

RecycleBin => 177042 B
EmptyTemp: => 640 MB danych tymczasowych Usunięto.

================================

System wymagał restartu.

==== Koniec Fixlog 21:42:03 ====