Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 24-02-2021
Uruchomiony przez ja (25-02-2021 18:11:13) Run:1
Uruchomiony z C:\Users\ja\Desktop
Załadowane profile: ja
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
EmptyTemp:
File: C:\Windows\Installer\{3F4681F3-B30B-4531-ADB2-3661B531F926}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
HKU\S-1-5-21-4130930810-442519499-496061474-1002\...\MountPoints2: {1f7e93bb-4af5-11eb-a762-6c626d434b3f} - "D:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-4130930810-442519499-496061474-1002\...\MountPoints2: {cdffa5b6-25b8-11eb-a75c-6c626d434b3f} - "F:\_AUTORUN\AUTORUN.EXE" 
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
Task: {0CD66318-CD8D-46D7-B377-F3254B562BD6} - System32\Tasks\Opera scheduled Autoupdate 1607619698 => C:\Users\ja\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software)
Task: {ECF3B82F-17A7-4DA9-B95C-8747747ED361} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2020-11-13] (AVG Technologies USA, LLC -> AVG Technologies)
Tcpip\..\Interfaces\{aa43e623-34b7-4bb0-85c8-213618b9f95c}: [NameServer] 192.168.0.1,8.8.8.8
Tcpip\..\Interfaces\{f8613c5e-8385-4bca-a052-5c77939d2895}: [DhcpNameServer] 192.168.0.1
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> \\devsilo1\builds\sw2020_sp04\sw\Release\x64\d200715.002.V37.final\composer\Bin\npcomposerplayerwebplugin.dll [Brak pliku]
OPR Extension: (Rich Hints Agent) - C:\Users\ja\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-12-10]
R2 IBuddyService; C:\Program Files (x86)\IBuddy\IBuddyService.exe [8245224 2021-02-18] (KAY ENTERPRICES LIMITED -> IdleTime Software) [Brak podpisu cyfrowego]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
FirewallRules: [{525871D4-CF58-488F-AC9A-58A3AFF1D0AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Brak pliku
FirewallRules: [{2B5E6DB7-9CB0-41C1-BFA9-773056D1B614}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Brak pliku
FirewallRules: [{E93CA3F8-5EB5-4C21-918C-E0CAC9B1DC62}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku
FirewallRules: [{82B1FD0D-F87C-4B0F-9E9E-9B422112F6DA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku
FirewallRules: [TCP Query User{84D7C2C1-2C5D-47B0-BDB9-033C313F14A8}E:\game\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) E:\game\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe => Brak pliku
FirewallRules: [UDP Query User{CFD0B00D-87B4-4C49-88DF-C508678405E5}E:\game\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) E:\game\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe => Brak pliku
FirewallRules: [TCP Query User{B8C7E064-F123-410B-865B-B6674275B0DD}E:\game\efootball pes 2021\pes2021.exe] => (Allow) E:\game\efootball pes 2021\pes2021.exe => Brak pliku
FirewallRules: [UDP Query User{7038677D-FA1B-43FC-8B8D-9CA7F5F6DC79}E:\game\efootball pes 2021\pes2021.exe] => (Allow) E:\game\efootball pes 2021\pes2021.exe => Brak pliku
FirewallRules: [TCP Query User{F177A74C-7181-4F2B-A43E-7166D7288EC3}E:\game\ride 4\ride4\binaries\win64\ride4-win64-shipping.exe] => (Block) E:\game\ride 4\ride4\binaries\win64\ride4-win64-shipping.exe => Brak pliku
FirewallRules: [UDP Query User{18A19014-B27F-48E2-A8D5-62A4632C5A8D}E:\game\ride 4\ride4\binaries\win64\ride4-win64-shipping.exe] => (Block) E:\game\ride 4\ride4\binaries\win64\ride4-win64-shipping.exe => Brak pliku
FirewallRules: [TCP Query User{B01BC6DF-28D6-4013-BB89-779B744C8534}E:\starcraft ii\versions\base82457\sc2_x64.exe] => (Allow) E:\starcraft ii\versions\base82457\sc2_x64.exe => Brak pliku
FirewallRules: [UDP Query User{FA84BFE5-6F3D-4121-9A83-16DF348DECB1}E:\starcraft ii\versions\base82457\sc2_x64.exe] => (Allow) E:\starcraft ii\versions\base82457\sc2_x64.exe => Brak pliku
FirewallRules: [TCP Query User{ECE2926C-BDF5-4814-8271-46AFD24E03E7}C:\users\ja\downloads\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\users\ja\downloads\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Brak pliku
FirewallRules: [UDP Query User{69CD3833-BFBD-4F92-A9BD-86209A7A69AF}C:\users\ja\downloads\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\users\ja\downloads\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Brak pliku
FirewallRules: [{B9007A04-07A6-4A02-809B-182F5A775D9A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Brak pliku
FirewallRules: [{07A1E135-EBAE-41C4-B20B-BD8E0C44461B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Brak pliku
FirewallRules: [{CD25504E-7258-45C5-88B8-EBBB9679EEFB}] => (Allow) LPort=8028
FirewallRules: [{422ABD7F-03EE-4B5A-B501-6BB9891F375D}] => (Allow) LPort=8028
FirewallRules: [{4F64F2A5-AC55-4F1D-AF99-932C20144ADD}] => (Allow) LPort=8028
FirewallRules: [{4609427B-CE34-4826-BDC6-7A3214A590E1}] => (Allow) LPort=8028
FirewallRules: [{05BEC3E5-28BD-4884-8897-EF4C8908ED98}] => (Allow) LPort=8028
FirewallRules: [{6FCDB2E3-458B-4B3B-9ED6-55575B568B4E}] => (Allow) LPort=8028
FirewallRules: [{C1DD4221-D748-431E-B249-AC7324DC8CC5}] => (Allow) LPort=3074
FirewallRules: [{EFA33644-D96F-4F40-B95D-96A9BECE9080}] => (Allow) LPort=27036
FirewallRules: [{2E18E92A-4CCA-4031-8C4F-32BE7CA4B38A}] => (Allow) LPort=8028
FirewallRules: [{26634D85-7D7B-4299-B003-CDAA405D168F}] => (Allow) LPort=8028
FirewallRules: [{4B0AB671-FF07-4E61-B5A3-16494CE7C671}] => (Allow) LPort=8028
Hosts:
RemoveProxy:

*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.

========================= File: C:\Windows\Installer\{3F4681F3-B30B-4531-ADB2-3661B531F926}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe ========================

C:\Windows\Installer\{3F4681F3-B30B-4531-ADB2-3661B531F926}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
Brak podpisu cyfrowego
MD5: AFA19F28F347DEE5CDE1073F00C90D1C
Data utworzenia i modyfikacji: 2021-01-24 16:52 - 2021-01-24 16:52
Rozmiar: 000335872
Atrybuty: ---RA
Firma: Flexera
Wewnętrzna nazwa: _IsIcoRes.exe
Oryginalna nazwa: _IsIcoRes.exe
Produkt: InstallShield
Opis: InstallShield
Plik Wersja: 24.0.573
Produkt Wersja: 24.0
Prawa autorskie: Copyright (c) 2018 Flexera. All Rights Reserved.
VirusTotal: https://www.virustotal.com/gui/file/3b0b6b7bde334bfdae03a2b5c8ab3f6e4d75dbc0cb7b787e59d9e45051969666/detection/f-3b0b6b7bde334bfdae03a2b5c8ab3f6e4d75dbc0cb7b787e59d9e45051969666-1613463776

====== Koniec  File: ======

HKU\S-1-5-21-4130930810-442519499-496061474-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f7e93bb-4af5-11eb-a762-6c626d434b3f} => pomyślnie usunięto
HKU\S-1-5-21-4130930810-442519499-496061474-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cdffa5b6-25b8-11eb-a75c-6c626d434b3f} => pomyślnie usunięto
HKLM\SOFTWARE\Policies\Mozilla => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CD66318-CD8D-46D7-B377-F3254B562BD6}" => nie znaleziono
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1607619698 => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1607619698" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{ECF3B82F-17A7-4DA9-B95C-8747747ED361}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECF3B82F-17A7-4DA9-B95C-8747747ED361}" => pomyślnie usunięto
C:\Windows\System32\Tasks\AVG\Overseer => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{aa43e623-34b7-4bb0-85c8-213618b9f95c}\\NameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f8613c5e-8385-4bca-a052-5c77939d2895}\\DhcpNameServer" => pomyślnie usunięto
HKLM\Software\Wow6432Node\MozillaPlugins\3ds.com/ComposerPlayerWebPlugin_x86_64 => pomyślnie usunięto
OPR Extension: (Rich Hints Agent) - C:\Users\ja\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-12-10] => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia.
IBuddyService => Nie można zatrzymać usługi.
"HKLM\System\CurrentControlSet\Services\IBuddyService" => pomyślnie usunięto
IBuddyService => serwis pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => pomyślnie usunięto
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{525871D4-CF58-488F-AC9A-58A3AFF1D0AB}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B5E6DB7-9CB0-41C1-BFA9-773056D1B614}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E93CA3F8-5EB5-4C21-918C-E0CAC9B1DC62}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82B1FD0D-F87C-4B0F-9E9E-9B422112F6DA}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{84D7C2C1-2C5D-47B0-BDB9-033C313F14A8}E:\game\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CFD0B00D-87B4-4C49-88DF-C508678405E5}E:\game\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B8C7E064-F123-410B-865B-B6674275B0DD}E:\game\efootball pes 2021\pes2021.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7038677D-FA1B-43FC-8B8D-9CA7F5F6DC79}E:\game\efootball pes 2021\pes2021.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F177A74C-7181-4F2B-A43E-7166D7288EC3}E:\game\ride 4\ride4\binaries\win64\ride4-win64-shipping.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{18A19014-B27F-48E2-A8D5-62A4632C5A8D}E:\game\ride 4\ride4\binaries\win64\ride4-win64-shipping.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B01BC6DF-28D6-4013-BB89-779B744C8534}E:\starcraft ii\versions\base82457\sc2_x64.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FA84BFE5-6F3D-4121-9A83-16DF348DECB1}E:\starcraft ii\versions\base82457\sc2_x64.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ECE2926C-BDF5-4814-8271-46AFD24E03E7}C:\users\ja\downloads\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{69CD3833-BFBD-4F92-A9BD-86209A7A69AF}C:\users\ja\downloads\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9007A04-07A6-4A02-809B-182F5A775D9A}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07A1E135-EBAE-41C4-B20B-BD8E0C44461B}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD25504E-7258-45C5-88B8-EBBB9679EEFB}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{422ABD7F-03EE-4B5A-B501-6BB9891F375D}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F64F2A5-AC55-4F1D-AF99-932C20144ADD}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4609427B-CE34-4826-BDC6-7A3214A590E1}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{05BEC3E5-28BD-4884-8897-EF4C8908ED98}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6FCDB2E3-458B-4B3B-9ED6-55575B568B4E}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1DD4221-D748-431E-B249-AC7324DC8CC5}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EFA33644-D96F-4F40-B95D-96A9BECE9080}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2E18E92A-4CCA-4031-8C4F-32BE7CA4B38A}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{26634D85-7D7B-4299-B003-CDAA405D168F}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4B0AB671-FF07-4E61-B5A3-16494CE7C671}" => pomyślnie usunięto
C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono
Hosts pomyślnie przywrócono.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto
"HKU\S-1-5-21-4130930810-442519499-496061474-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => pomyślnie usunięto
"HKU\S-1-5-21-4130930810-442519499-496061474-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => pomyślnie usunięto


========= Koniec  RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 105100001 B
Java, Flash, Steam htmlcache => 211948070 B
Windows/system/drivers => 6088209 B
Edge => 959828 B
Chrome => 459458473 B
Firefox => 0 B
Opera => 21697611 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 64710 B
NetworkService => 68262 B
ja => 324338628 B

RecycleBin => 5170664 B
EmptyTemp: => 1.1 GB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec  Fixlog 18:11:53 ====