Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 11-01-2023
Uruchomiony przez Ahmed (11-01-2023 17:48:00) Run:1
Uruchomiony z C:\Users\Ahmed\Downloads
Załadowane profile: Ahmed
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA
HKU\S-1-5-21-1306247612-828193906-1523655640-1001\...\Run: [ProductAuthenticationService] => C:\Users\Ahmed\AppData\Roaming\ProductAuthenticationService\pas.exe [1004072 2022-01-05] (ResolveDevOps Limited -> ResolveDevOps Limited) <==== UWAGA
HKU\S-1-5-21-1306247612-828193906-1523655640-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1306247612-828193906-1523655640-1001\...\MountPoints2: F - "F:\setup.exe"
HKU\S-1-5-21-1306247612-828193906-1523655640-1001\...\MountPoints2: L - "L:\AutoRun.exe" --autorun
BootExecute: autocheck autochk *
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
HKU\S-1-5-21-1306247612-828193906-1523655640-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
Task: {571766B3-6DFF-4B60-BB49-D5B2C4D66DC5} - System32\Tasks\Update Manager => C:\Users\Ahmed\AppData\Roaming\Metal.Gear.Solid.V.The.Phantom.Pain-ALI213\Upgrade.exe /upgradeid=f561932c-0bef-41b9-9289-b7d5c099b86b (Brak pliku)
Task: {B1AF7A31-9B50-40F2-A936-F120EF709423} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe -pool us1.ethermine.org:4444 -pool2 us2.ethermine.org:4444 -wal 0xf6c75E7D9557a97E576308C55b93d82C8a8a05C8.MyRig -proto 3 (Brak pliku)
Tcpip\..\Interfaces\{656f287a-4d8e-4de3-b7d1-849ade78ab6f}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{b36dfe1a-a810-4a02-b702-bcaee67d0623}: [DhcpNameServer] 192.168.1.1
S3 gencounter; \SystemRoot\System32\drivers\vmgencounter.sys [X]
FirewallRules: [{7062407B-927B-4865-9BDC-3DE4FC088B60}] => (Allow) C:\Users\Ahmed\AppData\Roaming\Zoom\bin\airhost.exe => Brak pliku
FirewallRules: [{26491890-3548-4872-A1ED-B802EB5BDCB4}] => (Allow) C:\Users\Ahmed\AppData\Roaming\Zoom\bin\airhost.exe => Brak pliku
FirewallRules: [{CDE222B6-5820-4690-BFEC-A482F2C63350}] => (Allow) C:\Program Files\Avid\Pro Tools FirstProToolsFirst.exe => Brak pliku
FirewallRules: [{A3E9DA27-8FEB-4827-92C6-8E79CA11D308}] => (Allow) D:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Brak pliku
FirewallRules: [TCP Query User{5997F3D8-35EB-4B9F-9D82-CDB482D1BC3B}C:\program files\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_301\bin\javaw.exe => Brak pliku
FirewallRules: [UDP Query User{5ACF29EA-B38B-48C9-BABC-26CE39193AB8}C:\program files\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_301\bin\javaw.exe => Brak pliku
FirewallRules: [TCP Query User{D30CD7B0-63A5-4D55-9BE5-81E4D4228A83}D:\lolkurwa\riot games\riot client\riotclientservices.exe] => (Allow) D:\lolkurwa\riot games\riot client\riotclientservices.exe => Brak pliku
FirewallRules: [UDP Query User{67D04031-A968-43E6-BB10-92CD1B2F96E3}D:\lolkurwa\riot games\riot client\riotclientservices.exe] => (Allow) D:\lolkurwa\riot games\riot client\riotclientservices.exe => Brak pliku
FirewallRules: [{0323FCA2-932B-4AB1-BD1D-534AF4811D8F}] => (Allow) D:\Program Files\Steam\steamapps\common\FarathanDemo\windows_content\Farathan_new_Demo.exe => Brak pliku
FirewallRules: [{58CE4E73-BEAA-4996-9BB2-B2191E53B07A}] => (Allow) D:\Program Files\Steam\steamapps\common\FarathanDemo\windows_content\Farathan_new_Demo.exe => Brak pliku
FirewallRules: [{533CA214-5BF7-447B-A437-F6B5BBF0653F}] => (Allow) C:\WINDOWS\SysWOW64\CompatTelRunner.exe => Brak pliku
FirewallRules: [{E8E916A7-791A-4414-A32C-DA6E892450CE}] => (Allow) C:\WINDOWS\SysWOW64\CompatTelRunner.exe => Brak pliku
FirewallRules: [{BE9F06A3-4743-4BD0-85B0-C75608F84CFA}] => (Allow) C:\WINDOWS\SysWOW64\CompatTelRunner.exe => Brak pliku
FirewallRules: [{ABEEE5A0-B823-473A-9329-38C4140D3116}] => (Allow) C:\WINDOWS\SysWOW64\CompatTelRunner.exe => Brak pliku
FirewallRules: [{B3EC1EA2-622B-4875-B2C9-7B5C8189EE3D}] => (Allow) C:\WINDOWS\SysWOW64\CompatTelRunner.exe => Brak pliku
FirewallRules: [{00B2CBF8-8AB8-462A-BCC9-83A4F82C5243}] => (Allow) C:\WINDOWS\SysWOW64\CompatTelRunner.exe => Brak pliku
FirewallRules: [{3F321733-91A2-429D-ADE9-A53589253485}] => (Allow) C:\WINDOWS\SysWOW64\CompatTelRunner.exe => Brak pliku
FirewallRules: [{171B0907-FCD5-44A4-936D-A69F06F3B55E}] => (Allow) C:\WINDOWS\SysWOW64\CompatTelRunner.exe => Brak pliku
FirewallRules: [{AE730255-D23C-4924-B48C-3264FFD64D26}] => (Allow) C:\Program Files\Avid\Pro Tools\AvidVideoEngine.exe => Brak pliku
FirewallRules: [TCP Query User{3E0E13BC-BAE5-49A2-8B8A-C8692C2E96A8}C:\users\ahmed\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\ahmed\appdata\local\discord\app-1.0.9004\discord.exe => Brak pliku
FirewallRules: [UDP Query User{1275F8DF-1523-4722-B437-B7D2640E4948}C:\users\ahmed\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\ahmed\appdata\local\discord\app-1.0.9004\discord.exe => Brak pliku
FirewallRules: [TCP Query User{33FCF9CB-84EF-45D7-ACEA-433D69EC39A8}C:\users\ahmed\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\ahmed\appdata\local\discord\app-1.0.9005\discord.exe => Brak pliku
FirewallRules: [UDP Query User{4D174E46-00A5-4382-847E-CD79509D2A84}C:\users\ahmed\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\ahmed\appdata\local\discord\app-1.0.9005\discord.exe => Brak pliku
*****************

Błąd: (0) Nie udało się utworzyć punktu przywracania.
Procesy zostały pomyślnie zamknięte.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => Wartość pomyślnie przywrócono
"HKU\S-1-5-21-1306247612-828193906-1523655640-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ProductAuthenticationService" => pomyślnie usunięto
"HKU\S-1-5-21-1306247612-828193906-1523655640-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisallowRun" => nie znaleziono
HKU\S-1-5-21-1306247612-828193906-1523655640-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => pomyślnie usunięto
HKU\S-1-5-21-1306247612-828193906-1523655640-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L => pomyślnie usunięto
HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Policies\Mozilla => pomyślnie usunięto
"HKU\S-1-5-21-1306247612-828193906-1523655640-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\\1" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{571766B3-6DFF-4B60-BB49-D5B2C4D66DC5}" => nie znaleziono
"C:\WINDOWS\System32\Tasks\Update Manager" => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Manager" => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B1AF7A31-9B50-40F2-A936-F120EF709423}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1AF7A31-9B50-40F2-A936-F120EF709423}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetFramework\Microsoft .NET Framework" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{656f287a-4d8e-4de3-b7d1-849ade78ab6f}\\DhcpNameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b36dfe1a-a810-4a02-b702-bcaee67d0623}\\DhcpNameServer" => pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\gencounter => pomyślnie usunięto
gencounter => serwis pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7062407B-927B-4865-9BDC-3DE4FC088B60}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{26491890-3548-4872-A1ED-B802EB5BDCB4}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CDE222B6-5820-4690-BFEC-A482F2C63350}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3E9DA27-8FEB-4827-92C6-8E79CA11D308}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5997F3D8-35EB-4B9F-9D82-CDB482D1BC3B}C:\program files\java\jre1.8.0_301\bin\javaw.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5ACF29EA-B38B-48C9-BABC-26CE39193AB8}C:\program files\java\jre1.8.0_301\bin\javaw.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D30CD7B0-63A5-4D55-9BE5-81E4D4228A83}D:\lolkurwa\riot games\riot client\riotclientservices.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{67D04031-A968-43E6-BB10-92CD1B2F96E3}D:\lolkurwa\riot games\riot client\riotclientservices.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0323FCA2-932B-4AB1-BD1D-534AF4811D8F}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{58CE4E73-BEAA-4996-9BB2-B2191E53B07A}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{533CA214-5BF7-447B-A437-F6B5BBF0653F}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E8E916A7-791A-4414-A32C-DA6E892450CE}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BE9F06A3-4743-4BD0-85B0-C75608F84CFA}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ABEEE5A0-B823-473A-9329-38C4140D3116}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B3EC1EA2-622B-4875-B2C9-7B5C8189EE3D}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00B2CBF8-8AB8-462A-BCC9-83A4F82C5243}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F321733-91A2-429D-ADE9-A53589253485}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{171B0907-FCD5-44A4-936D-A69F06F3B55E}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AE730255-D23C-4924-B48C-3264FFD64D26}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3E0E13BC-BAE5-49A2-8B8A-C8692C2E96A8}C:\users\ahmed\appdata\local\discord\app-1.0.9004\discord.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1275F8DF-1523-4722-B437-B7D2640E4948}C:\users\ahmed\appdata\local\discord\app-1.0.9004\discord.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{33FCF9CB-84EF-45D7-ACEA-433D69EC39A8}C:\users\ahmed\appdata\local\discord\app-1.0.9005\discord.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4D174E46-00A5-4382-847E-CD79509D2A84}C:\users\ahmed\appdata\local\discord\app-1.0.9005\discord.exe" => pomyślnie usunięto

=========== EmptyTemp: ==========

FlushDNS => ukończone
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 248221214 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1038727332 B
Windows/system/drivers => 16068197 B
Edge => 2224128 B
Chrome => 2335375501 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 56110 B
NetworkService => 24767392 B
Ahmed => 134189314 B

RecycleBin => 0 B
EmptyTemp: => 3.5 GB danych tymczasowych Usunięto.

================================

System wymagał restartu.

==== Koniec Fixlog 17:54:54 ====