Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 09-01-2021 Uruchomiony przez Lenovo (15-01-2021 20:33:39) Run:1 Uruchomiony z C:\Users\varga\Downloads\Programs Załadowane profile: Lenovo & _ashbackup_ Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CreateRestorePoint: CloseProcesses: EmptyTemp: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\...\MountPoints2: {e01b96c1-fbff-11ea-aaff-e82a44f67b04} - "E:\AutoRun.exe" BootExecute: autocheck autochk * icarus_rvrt.exe HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia <==== UWAGA HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia <==== UWAGA Task: {1D08CBD6-7F14-495F-8D83-32E4309E3A21} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Brak pliku <==== UWAGA Task: {1DEB03A9-A194-41DF-8FF8-371F56B9ECD8} - \Lenovo\ImController\TimeBasedEvents\8f8cbee4-6864-487b-9045-a3da6332f748 -> Brak pliku <==== UWAGA Task: {43CDC22C-D440-4AD7-823C-A6AAF4AC4174} - \Lenovo\ImController\TimeBasedEvents\282aefbb-74b3-41fe-9533-38aac68a731e -> Brak pliku <==== UWAGA Task: {56305FB4-B789-4A9B-9B8A-ECCCD49C2856} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Brak pliku <==== UWAGA Task: {573E5F0C-2099-4630-827D-2C0F241D57BA} - \Lenovo\ImController\TimeBasedEvents\4a332dfb-2f7f-4841-ad16-b1b6360283b8 -> Brak pliku <==== UWAGA Task: {6C2F9CAF-9ACF-4FAE-8277-A8764FE6577F} - \Lenovo\ImController\TimeBasedEvents\f1367041-51b8-4a78-afec-d19dcf3743fe -> Brak pliku <==== UWAGA Task: {DA947F4E-4CE7-439A-A663-D0843D34284B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Brak pliku <==== UWAGA Task: {F2A4705E-8072-4923-A762-407F41088CB6} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe Tcpip\..\Interfaces\{4e42fdd1-cf14-428c-a1dc-cbb2cf29f36b}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{7d0807f4-ff19-48ac-81d7-f9bebd96625a}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{8c7e3d2e-fe28-4e78-94e8-f9c363b700fa}: [DhcpNameServer] 31.11.202.254 37.8.214.2 Tcpip\..\Interfaces\{984cf497-ac42-4226-986a-4ff185524465}: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{ab3af27b-719b-4cfd-81fa-325ce82db304}: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{c95383d3-7160-489c-b917-c350b554216c}: [NameServer] 100.120.150.1 Tcpip\..\Interfaces\{d3d17f6e-f362-4b2c-b2c6-40d377e79566}: [DhcpNameServer] 31.11.202.254 37.8.214.2 S2 0163071607961121mcinstcleanup; C:\ProgramData\McInstTemp0163071607961121\McInst.exe [871048 2020-11-03] (McAfee, LLC -> McAfee, LLC) S3 Imf8HpRegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [X] S3 ImfHpFileFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [X] ContextMenuHandlers1: [ASZipF] -> {e13d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} => -> Brak pliku ContextMenuHandlers1: [ASZipF64] -> {e13d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} => -> Brak pliku ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Brak pliku ContextMenuHandlers6: [ASZipF] -> {e13d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} => -> Brak pliku ContextMenuHandlers6: [ASZipF64] -> {e13d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} => -> Brak pliku HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171101&iDate=2020-12-04 01:48:05&bName= HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE BHO: Brak nazwy -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Brak pliku Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Brak pliku IE trusted site: HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\...\localhost -> localhost AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C} FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57} RemoveProxy: Hosts: ***************** Punkt przywracania został pomyślnie utworzony. Procesy zostały pomyślnie zamknięte. HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => pomyślnie usunięto "HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => pomyślnie usunięto "HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => pomyślnie usunięto HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e01b96c1-fbff-11ea-aaff-e82a44f67b04} => pomyślnie usunięto HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Policies\Mozilla => pomyślnie usunięto HKLM\SOFTWARE\Policies\Google => pomyślnie usunięto HKLM\SOFTWARE\Policies\Microsoft\Edge => pomyślnie usunięto HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\SOFTWARE\Policies\Microsoft\Edge => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D08CBD6-7F14-495F-8D83-32E4309E3A21}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D08CBD6-7F14-495F-8D83-32E4309E3A21}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DEB03A9-A194-41DF-8FF8-371F56B9ECD8}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DEB03A9-A194-41DF-8FF8-371F56B9ECD8}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\8f8cbee4-6864-487b-9045-a3da6332f748" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43CDC22C-D440-4AD7-823C-A6AAF4AC4174}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43CDC22C-D440-4AD7-823C-A6AAF4AC4174}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\282aefbb-74b3-41fe-9533-38aac68a731e" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56305FB4-B789-4A9B-9B8A-ECCCD49C2856}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56305FB4-B789-4A9B-9B8A-ECCCD49C2856}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{573E5F0C-2099-4630-827D-2C0F241D57BA}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{573E5F0C-2099-4630-827D-2C0F241D57BA}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\4a332dfb-2f7f-4841-ad16-b1b6360283b8" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C2F9CAF-9ACF-4FAE-8277-A8764FE6577F}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C2F9CAF-9ACF-4FAE-8277-A8764FE6577F}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\f1367041-51b8-4a78-afec-d19dcf3743fe" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DA947F4E-4CE7-439A-A663-D0843D34284B}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA947F4E-4CE7-439A-A663-D0843D34284B}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2A4705E-8072-4923-A762-407F41088CB6}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2A4705E-8072-4923-A762-407F41088CB6}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\McAfee\DAD.Execute.Updates => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\DAD.Execute.Updates" => nie znaleziono "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4e42fdd1-cf14-428c-a1dc-cbb2cf29f36b}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7d0807f4-ff19-48ac-81d7-f9bebd96625a}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8c7e3d2e-fe28-4e78-94e8-f9c363b700fa}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{984cf497-ac42-4226-986a-4ff185524465}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ab3af27b-719b-4cfd-81fa-325ce82db304}\\DhcpNameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c95383d3-7160-489c-b917-c350b554216c}\\NameServer" => pomyślnie usunięto "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d3d17f6e-f362-4b2c-b2c6-40d377e79566}\\DhcpNameServer" => pomyślnie usunięto HKLM\System\CurrentControlSet\Services\0163071607961121mcinstcleanup => pomyślnie usunięto 0163071607961121mcinstcleanup => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\Imf8HpRegFilter => pomyślnie usunięto Imf8HpRegFilter => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\ImfHpFileFilter => pomyślnie usunięto ImfHpFileFilter => serwis pomyślnie usunięto HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZipF => pomyślnie usunięto HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZipF64 => pomyślnie usunięto HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => pomyślnie usunięto HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZipF => pomyślnie usunięto HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZipF64 => pomyślnie usunięto HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => Wartość pomyślnie przywrócono HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => pomyślnie usunięto HKLM\Software\Classes\PROTOCOLS\Filter\application/x-mfe-ipt => pomyślnie usunięto HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => pomyślnie usunięto "AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}" => pomyślnie usunięto "FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}" => pomyślnie usunięto ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto "HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\S-1-5-21-1538588995-4231726738-1408357200-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto "HKU\S-1-5-21-1538588995-4231726738-1408357200-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto "HKU\S-1-5-21-1538588995-4231726738-1408357200-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto ========= Koniec RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono Hosts pomyślnie przywrócono. =========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 67809211 B Java, Flash, Steam htmlcache => 374998411 B Windows/system/drivers => 11437841 B Edge => 0 B Chrome => 0 B Firefox => 23371913 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 6656 B Users => 6656 B ProgramData => 6656 B Public => 6656 B systemprofile => 21055606 B systemprofile32 => 21055606 B LocalService => 21055606 B NetworkService => 26291134 B varga => 37031588 B _ashbackup_ => 37039333 B RecycleBin => 0 B EmptyTemp: => 621.5 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 20:37:11 ====