Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 17-04-2021 Uruchomiony przez Mateusz (22-04-2021 00:55:26) Uruchomiony z C:\Users\Mateusz\AppData\Local\Temp\scoped_dir11700_878827016 Windows 10 Home Wersja 2004 19041.928 (X64) (2020-08-28 18:46:43) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4083676424-375176238-1465140574-500 - Administrator - Disabled) Gość (S-1-5-21-4083676424-375176238-1465140574-501 - Limited - Disabled) Konto domyślne (S-1-5-21-4083676424-375176238-1465140574-503 - Limited - Disabled) Mateusz (S-1-5-21-4083676424-375176238-1465140574-1001 - Administrator - Enabled) => C:\Users\Mateusz WDAGUtilityAccount (S-1-5-21-4083676424-375176238-1465140574-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\uTorrent) (Version: 3.5.5.45966 - BitTorrent Inc.) Acer Display Widget (HKLM-x32\...\{FB01D1D9-3141-4DC9-A0E4-5E0388694B61}) (Version: 3.0.5.0 - Acer Incorporated) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 21.001.20149 - Adobe Systems Incorporated) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.07.14.327 - Advanced Micro Devices, Inc.) AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.2.1818 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{07585caf-a143-476e-ab31-0e026584239d}) (Version: 2.07.14.327 - Advanced Micro Devices, Inc.) Hidden AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 2.0.0.0 - GIGABYTE Technology Co.,Inc.) Aplikacja na pulpit firmy Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.1.0.68 - Autodesk) ASRRGBLED v1.0.84 (HKLM-x32\...\ASRock RGB LED_is1) (Version: 1.0.84 - ASRock Inc.) ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden AutoCAD 2021 — polski (Polish) (HKLM\...\{28B89EEF-4101-0415-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden Autodesk AutoCAD 2021 — polski (Polish) (HKLM\...\AutoCAD 2021 — polski (Polish)) (Version: 24.0.47.0 - Autodesk) Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk) Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk) Autodesk Save to Web & Mobile (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk) BlueStacks (64-bit) (HKLM\...\BlueStacks_bgp64) (Version: 4.280.3.4001 - BlueStack Systems, Inc.) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.0.1022 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version: - ) CodeBlocks (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\CodeBlocks) (Version: 20.03 - The Code::Blocks Team) CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.) Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.12 - GOG.com) Diagram Designer (HKLM-x32\...\{6E70FC33-495C-484F-B098-375EBC0563E8}) (Version: 1.29.5 - MeeSoft) ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.2.1 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{5ca4886b-7bc8-477c-8576-901b1e8f0586}) (Version: 1.0.2.1 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.8.4 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{0f607f07-7957-4887-9d5e-be8efe9595a9}) (Version: 1.0.8.4 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.3.1 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM-x32\...\{33f042cf-0ae3-4241-b8c8-7f544533ea8e}) (Version: 1.0.3.1 - ENE TECHNOLOGY INC.) Hidden ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden Epic Games Launcher (HKLM-x32\...\{9BDC8B60-A7CD-4554-B66A-C5FFC1E1437C}) (Version: 1.1.279.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{D2D9559D-359A-4C61-B93A-FE01AE2BFB75}) (Version: 4.5.4 - Seiko Epson Corporation) FACEIT (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\FACEIT) (Version: 1.27.0 - FACEIT Ltd.) FACEIT (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\FACEITApp) (Version: 1.27.0 - FACEIT Ltd.) FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD) FiveM (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\CitizenFX_FiveM) (Version: - Cfx.re) Gameforge Client (HKLM-x32\...\{d3b2a0c1-f0d0-4888-ae0b-1c5e1febdafb}_is1) (Version: 2.1.22.784 - Gameforge) Garden Flipper (HKLM-x32\...\1833342145_is1) (Version: [patch] 1.2136 (2ad9f) - GOG.com) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.128 - Google LLC) HGTV Flipper (HKLM-x32\...\1689378242_is1) (Version: [patch] 1.2136 (2ad9f) - GOG.com) Hola VPN 1.183.183 (HKLM\...\Hola) (Version: 1.183.183 - Hola Networks Ltd.) Horizon: Zero Down CE (HKLM-x32\...\Horizon: Zero Down CE_is1) (Version: - ) House Flipper (HKLM-x32\...\1140907376_is1) (Version: [patch] 1.2136 (2ad9f) - GOG.com) HWiNFO64 Version 6.42 (HKLM\...\HWiNFO64_is1) (Version: 6.42 - Martin Malik - REALiX) Iriun Webcam version 2.6.3 (HKLM-x32\...\IriunWebcam_is1) (Version: 2.6.3 - Iriun) Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Lively Wallpaper version 1.2.0.4 (HKLM-x32\...\{E3E43E1B-DEC8-44BF-84A6-243DBA3F2CB1}}_is1) (Version: 1.2.0.4 - rocksdanister) Mediummt2 (HKLM-x32\...\Mediummt2) (Version: - ) Metin2 pl-PL (HKLM-x32\...\{fab180a3-cd65-4b7e-bd0e-2ef77fd0c258.pl-PL}) (Version: - Gameforge) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.42 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 13.221.137.0 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - pl-pl (HKLM\...\ProPlus2019Retail - pl-pl) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation) Microsoft Project - pl-pl (HKLM\...\ProjectPro2019Retail - pl-pl) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visio - pl-pl (HKLM\...\VisioPro2019Retail - pl-pl) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.53.2 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 3.1.9 (x86) (HKLM-x32\...\{adb8593e-4b1d-48bf-a86f-d39db017d999}) (Version: 3.1.9.29323 - Microsoft Corporation) MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.8 - Notepad++ Team) NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation) NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation) NVIDIA Sterownik graficzny 465.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 465.89 - NVIDIA Corporation) NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project) Odinstaluj drukarkę EPSON BX620FWD Series (HKLM\...\EPSON BX620FWD Series) (Version: - SEIKO EPSON Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden Opera GX Stable 73.0.3856.438 (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\Opera GX 73.0.3856.438) (Version: 73.0.3856.438 - Opera Software) Oracle VM VirtualBox 6.1.16 (HKLM\...\{8979282D-1F43-4810-B819-AA1B06F2C085}) (Version: 6.1.16 - Oracle Corporation) Outlook (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook) Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.2 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{1122cfaf-aa52-4ba0-af2e-1e252b647b5b}) (Version: 1.0.6.2 - Patriot Memory) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden PSpice Student 9.1 (HKLM-x32\...\PSpice Student) (Version: - ) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0228.021813 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8619 - Realtek Semiconductor Corp.) RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.21.0222.1 - GIGABYTE) RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.37.349 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games) Shotcut (HKLM\...\Shotcut) (Version: 21.03.21 - Meltytech, LLC) SPC Gear GK550 Omnis Kailh RGB (HKLM-x32\...\{12F382E1-63D4-4B94-BD32-5F845E74FC79}) (Version: 1.00 - COOLING.PL Zdziech Spolka Jawna) SPC Gear VIRO Plus (HKLM-x32\...\SSS16xxAudioExt) (Version: 3.42.2019.1030 - SPC Gear) Spotify (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\Spotify) (Version: 1.1.57.443.ga029a6c4 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine 3.20.0 (HKLM\...\SteelSeries Engine 3) (Version: 3.20.0 - SteelSeries ApS) Stronghold: Warlords (HKLM-x32\...\Stronghold: Warlords_is1) (Version: - ) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.42 - Microsoft Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer) The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) Wargaming.net Game Center (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\Wargaming.net Game Center) (Version: 21.2.0.4803 - Wargaming.net) WinRAR 5.91 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) World of Tanks EU (HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net) Wraith Prism Settings software (HKLM-x32\...\{1A3E3EA7-5A7C-4292-8A13-B0DE1BF49E13}_COOLER_MASTER_SR4) (Version: 1.18 - AMD Wraith) Packages: ========= Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-31] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-31] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-18] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-04-04] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2020-08-28] (Realtek Semiconductor Corp) Sound Blaster Connect -> C:\Program Files\WindowsApps\CreativeTechnologyLtd.SoundBlasterConnect_2.2.15.0_x86__13fcda18mhdz2 [2021-01-12] (Creative Technology Ltd.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-4083676424-375176238-1465140574-1001_Classes\CLSID\{04271989-C4D2-C7CC-8932-C132F40E3DFD} -> [OneDrive - ZSP nr 3 im. Armii Krajowej w Zamościu] => C:\Users\Mateusz\OneDrive - ZSP nr 3 im. Armii Krajowej w Zamościu [2020-08-28 21:04] CustomCLSID: HKU\S-1-5-21-4083676424-375176238-1465140574-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Mateusz\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4083676424-375176238-1465140574-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-4083676424-375176238-1465140574-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-4083676424-375176238-1465140574-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Mateusz\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-4083676424-375176238-1465140574-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\pl-PL\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-06-24] (Notepad++ -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\nvshext.dll [2021-03-26] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/ ==================== Załadowane moduły (filtrowane) ============= 2020-12-03 01:29 - 2021-03-15 01:45 - 000016384 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\livelycefproperties.dll 2020-12-03 01:29 - 2021-03-15 01:45 - 000030720 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\livelygrid.dll 2020-12-03 01:29 - 2021-03-15 01:45 - 000016384 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\livelyscreenlayout.dll 2020-12-03 01:29 - 2021-03-15 01:45 - 000047616 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\livelysettings.dll 2020-12-03 01:29 - 2020-04-17 03:01 - 000244224 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Lively Wallpaper\MSVCP140_APP.dll 2020-12-03 01:29 - 2020-04-17 03:01 - 000013312 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Lively Wallpaper\VCRUNTIME140_APP.dll 2019-10-26 13:04 - 2019-10-26 13:04 - 000232960 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2019-10-26 13:03 - 2019-10-26 13:03 - 000057344 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2019-10-26 13:04 - 2019-10-26 13:04 - 000650240 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2019-10-26 13:03 - 2019-10-26 13:03 - 000074240 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2019-10-26 13:03 - 2019-10-26 13:03 - 000369664 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2019-09-09 16:29 - 2019-09-09 16:29 - 000057344 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2019-09-09 16:30 - 2019-09-09 16:30 - 000074240 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2019-09-09 16:30 - 2019-09-09 16:30 - 000368640 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2021-01-13 05:00 - 2021-01-13 05:00 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll 2021-01-13 05:00 - 2021-01-13 05:00 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll 2021-01-13 05:00 - 2021-01-13 05:00 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll 2021-01-13 05:00 - 2021-01-13 05:00 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll 2021-01-13 05:00 - 2021-01-13 05:00 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll 2021-01-13 05:00 - 2021-01-13 05:00 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll 2020-12-03 01:29 - 2020-10-13 08:59 - 000179712 _____ (Dominic Jonas) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\NLogViewer.dll 2020-12-03 01:29 - 2021-02-22 00:00 - 001004544 _____ (GitHub) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\Octokit.dll 2020-12-03 01:29 - 2019-12-07 17:47 - 000056832 _____ (Linearstar) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\RawInput.Sharp.dll 2021-03-16 21:44 - 2021-02-08 02:09 - 000007680 _____ (livelySubProcess) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\plugins\subproc\livelySubProcess.dll 2020-12-03 01:29 - 2021-03-15 01:46 - 000943616 _____ (livelywpf) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\livelywpf.dll 2021-03-16 21:44 - 2021-03-15 01:46 - 000020480 _____ (livelywpf) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\pl\livelywpf.resources.dll 2020-12-03 01:29 - 2021-01-06 18:55 - 000902144 _____ (ModernWpf) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\ModernWpf.dll 2021-03-16 21:44 - 2021-01-06 18:55 - 000006144 _____ (ModernWpf) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\pl\ModernWpf.resources.dll 2020-12-03 01:29 - 2021-01-06 18:55 - 000697344 _____ (ModernWpf.Controls) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\ModernWpf.Controls.dll 2020-12-03 01:29 - 2021-02-26 00:43 - 000819712 _____ (NLog) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Lively Wallpaper\NLog.dll 2020-10-03 19:10 - 2009-06-30 10:33 - 000430080 _____ (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBIPDev.dll 2020-10-03 19:10 - 2008-11-05 19:53 - 000237688 _____ (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBMSDev.dll 2020-10-03 19:10 - 2009-07-01 11:09 - 000286720 _____ (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBNWDev.dll 2020-10-03 19:10 - 2010-09-10 15:50 - 000135168 _____ (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBRSVC.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData:NT [40] AlternateDataStreams: C:\ProgramData:NT2 [934] AlternateDataStreams: C:\Users\All Users:NT [40] AlternateDataStreams: C:\Users\All Users:NT2 [934] AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40] AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [934] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [934] AlternateDataStreams: C:\Users\Mateusz\Dane aplikacji:NT [40] AlternateDataStreams: C:\Users\Mateusz\Dane aplikacji:NT2 [934] AlternateDataStreams: C:\Users\Mateusz\AppData\Roaming:NT [40] AlternateDataStreams: C:\Users\Mateusz\AppData\Roaming:NT2 [934] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [488] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-4083676424-375176238-1465140574-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer (filtrowane) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-07] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-07] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-04-17] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\hola.org -> hxxp://hola.org IE trusted site: HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\sharepoint.com -> hxxps://pollubpl-files.sharepoint.com ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-12-07 11:14 - 2021-03-12 14:55 - 000002408 _____ C:\Windows\system32\drivers\etc\hosts 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirlrepacks.in # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 fitgirl-repacks.to # Fake FitGirl site 109.94.209.70 fitgirl-repack.com # Fake FitGirl site 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site 109.94.209.70 fitgirlrepack.games # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repack.net # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site 109.94.209.70 fitgirlpack.site # Fake FitGirl site 109.94.209.70 www.fitgirlpack.site # Fake FitGirl site ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\dotnet\;C:\Users\Mateusz\AppData\Local\Microsoft\WindowsApps;C:\Users\Mateusz\AppData\Local\Programs\Microsoft VS Code\bin HKU\S-1-5-21-4083676424-375176238-1465140574-1001\Control Panel\Desktop\\Wallpaper -> c:\users\mateusz\downloads\gtr.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] Network Binding: ============= Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk" HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKLM\...\StartupApproved\Run: => "hola" HKLM\...\StartupApproved\Run32: => "Launch 0 FwCustom" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App" HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service " HKLM\...\StartupApproved\Run32: => "Wraith Prism" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\StartupFolder: => "AORUS ENGINE.lnk" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\Run: => "GogGalaxy" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\Run: => "iVCam" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\Run: => "Wargaming.net Game Center" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\Run: => "Synapse3" HKU\S-1-5-21-4083676424-375176238-1465140574-1001\...\StartupApproved\Run: => "PolishedPine" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{FFB0ABAA-54C2-4506-87CC-6B43619EAA0C}C:\users\mateusz\appdata\local\programs\opera gx\68.0.3618.206\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\68.0.3618.206\opera.exe => Brak pliku FirewallRules: [UDP Query User{12FBC0E5-7CDA-4615-B610-24312CD517EB}C:\users\mateusz\appdata\local\programs\opera gx\68.0.3618.206\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\68.0.3618.206\opera.exe => Brak pliku FirewallRules: [{412B3109-0F06-4C05-9329-04B9346F7B3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{00AF52CB-F753-47F1-B45D-148E0BA968C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F40598AD-0DA3-4083-8815-766860E87F2F}] => (Allow) X:\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{3D4FE98B-0D70-40CF-9C97-592E46AD7EDE}] => (Allow) X:\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{1D9C3803-05A5-4650-9046-BEF94D94EB50}] => (Allow) X:\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku FirewallRules: [{3D5E39DE-876D-4CB6-A639-C93A057AAD65}] => (Allow) X:\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku FirewallRules: [TCP Query User{5C757C08-B735-412F-9E76-C99729A7DA5D}X:\gry\multi theft auto\gta san andreas\proxy_sa.exe] => (Allow) X:\gry\multi theft auto\gta san andreas\proxy_sa.exe => Brak pliku FirewallRules: [UDP Query User{4AA90185-0B9C-4047-93BC-F13A7D587E94}X:\gry\multi theft auto\gta san andreas\proxy_sa.exe] => (Allow) X:\gry\multi theft auto\gta san andreas\proxy_sa.exe => Brak pliku FirewallRules: [{90358938-0F67-405B-B607-0A54ACAB05C8}] => (Allow) X:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{C04085EF-8962-4663-AA42-F324C0AB4BB1}] => (Allow) X:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{1116F5D2-ABDD-4A13-A995-CC8988582D03}X:\gry\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) X:\gry\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [UDP Query User{370F4FD4-A3A1-4E78-BCEA-85FA51B8C033}X:\gry\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) X:\gry\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{6A2D2B99-6F68-43D4-B508-269FFAF8BC76}] => (Allow) X:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{77945A7C-471B-4B1D-A6C7-F6DC7F29C622}] => (Allow) X:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{E8220FDC-3ECC-4D81-BFB1-BF0FE099C69F}] => (Allow) C:\Users\Mateusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{53C55A7E-D997-4841-8238-0AEECB12FEB3}] => (Allow) C:\Users\Mateusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{AC4DE077-6308-477A-B768-C02F10E78844}X:\gry\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Allow) X:\gry\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe => Brak pliku FirewallRules: [UDP Query User{F00B86C4-3CE8-45C9-81B5-B1AA0E25B3F4}X:\gry\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Allow) X:\gry\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe => Brak pliku FirewallRules: [TCP Query User{7DFA3F26-F6A0-4DEF-BB44-23AF890BA12F}C:\program files\windowsapps\facebook.317180b0bb486_620.8.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_620.8.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => Brak pliku FirewallRules: [UDP Query User{E71A0534-89BD-43CF-AA3D-27F7C18864B7}C:\program files\windowsapps\facebook.317180b0bb486_620.8.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_620.8.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => Brak pliku FirewallRules: [TCP Query User{3A39C4CD-67F9-4AFA-BCF2-5A30A3A06577}C:\program files\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_261\bin\javaw.exe => Brak pliku FirewallRules: [UDP Query User{A65CECDE-3C91-4662-8E7B-AA202B55EE17}C:\program files\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_261\bin\javaw.exe => Brak pliku FirewallRules: [TCP Query User{3393EF96-8AF1-41B8-8942-02B3D2932AED}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.175\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.175\opera.exe => Brak pliku FirewallRules: [UDP Query User{E99B2FC3-58F9-42CF-9A80-EEECF461E31B}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.175\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.175\opera.exe => Brak pliku FirewallRules: [TCP Query User{9FCCF0CD-E06E-4B77-84C5-A9B880080CED}C:\program files\windowsapps\facebook.317180b0bb486_700.7.117.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_700.7.117.0_x64__8xx8rvfyw5nnt\app\messenger.exe => Brak pliku FirewallRules: [UDP Query User{5532B64F-2AFF-4EE0-A0A4-9DEF3656197D}C:\program files\windowsapps\facebook.317180b0bb486_700.7.117.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_700.7.117.0_x64__8xx8rvfyw5nnt\app\messenger.exe => Brak pliku FirewallRules: [TCP Query User{7F8A5AC8-1E3B-4F1A-B9BF-36D23BE0B6BD}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.205\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.205\opera.exe => Brak pliku FirewallRules: [UDP Query User{D224747C-DBEC-4A93-A7E2-B7F7DFB4B41C}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.205\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.205\opera.exe => Brak pliku FirewallRules: [{963F7FFF-D4D3-4D17-9138-2D03427467C4}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe => Brak pliku FirewallRules: [{0CCB5FFB-DEE1-45B5-872F-2E2EDDEA71DC}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe => Brak pliku FirewallRules: [TCP Query User{F61E008A-88DC-4A7A-B596-7F5B7956D6E1}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.234\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.234\opera.exe => Brak pliku FirewallRules: [UDP Query User{08C82401-9DE2-4B86-A840-53CFC87355F4}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.234\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.234\opera.exe => Brak pliku FirewallRules: [TCP Query User{A2F8D68D-B99E-4572-AF8C-4F3A3289E3CC}D:\games\crash bandicoot n. sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) D:\games\crash bandicoot n. sane trilogy\crashbandicootnsanetrilogy.exe => Brak pliku FirewallRules: [UDP Query User{F2EED5A9-914C-4F41-993D-EA92B669D162}D:\games\crash bandicoot n. sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) D:\games\crash bandicoot n. sane trilogy\crashbandicootnsanetrilogy.exe => Brak pliku FirewallRules: [TCP Query User{6956C336-A2C6-4FF8-AA82-84652343D5EF}X:\gry\crash bandicoot n. sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) X:\gry\crash bandicoot n. sane trilogy\crashbandicootnsanetrilogy.exe => Brak pliku FirewallRules: [UDP Query User{20D5C1FB-45D7-40CF-A417-41CD9A2F4427}X:\gry\crash bandicoot n. sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) X:\gry\crash bandicoot n. sane trilogy\crashbandicootnsanetrilogy.exe => Brak pliku FirewallRules: [TCP Query User{5C15033F-E763-4261-A274-ACD08AFEEA5A}C:\users\mateusz\desktop\among.us.v2020.8.12s\among us\among us.exe] => (Allow) C:\users\mateusz\desktop\among.us.v2020.8.12s\among us\among us.exe => Brak pliku FirewallRules: [UDP Query User{B0CFBE85-7248-4932-9031-B893A68F5F46}C:\users\mateusz\desktop\among.us.v2020.8.12s\among us\among us.exe] => (Allow) C:\users\mateusz\desktop\among.us.v2020.8.12s\among us\among us.exe => Brak pliku FirewallRules: [TCP Query User{8ED4790A-61D1-4650-BE8F-9D963594E299}C:\program files\windowsapps\facebook.317180b0bb486_720.6.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_720.6.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => Brak pliku FirewallRules: [UDP Query User{5542AF11-F761-4406-BC61-0E4C844BD4FD}C:\program files\windowsapps\facebook.317180b0bb486_720.6.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_720.6.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => Brak pliku FirewallRules: [TCP Query User{6E450A1C-642B-4F03-B3CE-365DC762FFF3}C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{1A8541FA-0A32-4807-AB5E-B736395076B1}C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{7D9A4C2C-F42B-4497-90C4-3AA02C0A2537}C:\users\mateusz\appdata\local\temp\rar$exa12112.48372\among.us.v2020.8.12s\among us\among us.exe] => (Block) C:\users\mateusz\appdata\local\temp\rar$exa12112.48372\among.us.v2020.8.12s\among us\among us.exe => Brak pliku FirewallRules: [UDP Query User{2270154E-63AD-48D0-A0B4-388A39AE0A71}C:\users\mateusz\appdata\local\temp\rar$exa12112.48372\among.us.v2020.8.12s\among us\among us.exe] => (Block) C:\users\mateusz\appdata\local\temp\rar$exa12112.48372\among.us.v2020.8.12s\among us\among us.exe => Brak pliku FirewallRules: [TCP Query User{F6B8708D-EEBC-485E-A19B-CBD783CC5ED0}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.287\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.287\opera.exe => Brak pliku FirewallRules: [UDP Query User{5C2819FB-C6E0-4620-9980-2330A69963FB}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.287\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.287\opera.exe => Brak pliku FirewallRules: [TCP Query User{BB3E675E-EBD7-4E42-AB09-EF246AB2A6BE}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => Brak pliku FirewallRules: [UDP Query User{4F0B9070-9EDE-42B1-A132-C245103CF736}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => Brak pliku FirewallRules: [TCP Query User{104B54C1-EB34-4430-A20E-DAAEA5762047}C:\users\mateusz\desktop\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\mateusz\desktop\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe => Brak pliku FirewallRules: [UDP Query User{CD9B8DE1-7D69-49C7-84B4-56E5352B89EA}C:\users\mateusz\desktop\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\mateusz\desktop\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe => Brak pliku FirewallRules: [TCP Query User{83FD4E07-0348-4878-9DC2-99007807F8F5}C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{6FC6C2DF-7109-4674-B942-F6901FF792A8}C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{87521F6F-F52F-4A89-BD7E-F41649016994}] => (Allow) C:\Users\Mateusz\AppData\Roaming\Zoom\bin\Zoom.exe => Brak pliku FirewallRules: [{364E9B99-FC1D-4873-AAD8-54085D0C81CA}] => (Allow) C:\Users\Mateusz\AppData\Roaming\Zoom\bin\airhost.exe => Brak pliku FirewallRules: [{B2776B85-2B7A-41FD-A727-2E967CE7632A}] => (Allow) C:\Users\Mateusz\AppData\Roaming\Zoom\bin\airhost.exe => Brak pliku FirewallRules: [TCP Query User{963427B1-BF3F-4BF9-8EEB-24BFEBB96A08}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => Brak pliku FirewallRules: [UDP Query User{D7FEEF64-AC56-4BF2-B654-DAE6B7378312}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => Brak pliku FirewallRules: [TCP Query User{06686F90-C80D-493B-9D4B-FC9B90D20BE6}X:\gry\gtav\gta5.exe] => (Block) X:\gry\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{FB1E962D-6EE4-4D39-B0BC-313E375BC24F}X:\gry\gtav\gta5.exe] => (Block) X:\gry\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{9B7A9552-AC4C-4BE4-9601-EC2B2A565AD9}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.302\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.302\opera.exe => Brak pliku FirewallRules: [UDP Query User{8304B264-9FC1-4A3D-9A75-A3E3FC6DE998}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.302\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.302\opera.exe => Brak pliku FirewallRules: [TCP Query User{FBDF0D98-C462-4D83-83C3-1B935ECB9A13}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.310\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.310\opera.exe => Brak pliku FirewallRules: [UDP Query User{AFDEAB23-A069-40F5-871C-676C323761B8}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.310\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.310\opera.exe => Brak pliku FirewallRules: [TCP Query User{3B0005D8-89B0-43EB-B461-932250ECED72}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.323\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.323\opera.exe => Brak pliku FirewallRules: [UDP Query User{07980DEC-52AF-4E5B-AAC8-67D8CB47FF29}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.323\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.323\opera.exe => Brak pliku FirewallRules: [TCP Query User{4FD61153-55B4-44A1-80E3-385A88968CE0}C:\users\mateusz\appdata\local\temp\scoped_dir13148_1304515460\fivem.exe] => (Allow) C:\users\mateusz\appdata\local\temp\scoped_dir13148_1304515460\fivem.exe => Brak pliku FirewallRules: [UDP Query User{64181451-787D-410E-9FB2-4304BAD25375}C:\users\mateusz\appdata\local\temp\scoped_dir13148_1304515460\fivem.exe] => (Allow) C:\users\mateusz\appdata\local\temp\scoped_dir13148_1304515460\fivem.exe => Brak pliku FirewallRules: [TCP Query User{97E580ED-4688-4B9E-83AF-8CEF5D3463E9}C:\users\mateusz\appdata\local\fivem\fivem.exe] => (Allow) C:\users\mateusz\appdata\local\fivem\fivem.exe (Intricus Software Limited -> Cfx.re) FirewallRules: [UDP Query User{E47D5D29-7888-4666-8692-473CCB74DCC0}C:\users\mateusz\appdata\local\fivem\fivem.exe] => (Allow) C:\users\mateusz\appdata\local\fivem\fivem.exe (Intricus Software Limited -> Cfx.re) FirewallRules: [TCP Query User{ED72F04A-94E6-4511-A5B3-7362143DB04A}C:\users\mateusz\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\mateusz\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{730FA7F1-58E1-45F8-9C1F-FAB724B7A402}C:\users\mateusz\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\mateusz\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{B50C246E-0EE7-4710-AF06-57C4BE8444A4}C:\users\mateusz\appdata\local\temp\scoped_dir15400_1054701358\fivem.exe] => (Allow) C:\users\mateusz\appdata\local\temp\scoped_dir15400_1054701358\fivem.exe => Brak pliku FirewallRules: [UDP Query User{C0D3FC9D-1C6F-4B20-9BDC-1343B1706834}C:\users\mateusz\appdata\local\temp\scoped_dir15400_1054701358\fivem.exe] => (Allow) C:\users\mateusz\appdata\local\temp\scoped_dir15400_1054701358\fivem.exe => Brak pliku FirewallRules: [TCP Query User{3C1D974D-CCAF-4BB8-8178-626AED64F2BF}C:\users\mateusz\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2060_gtaprocess.exe] => (Allow) C:\users\mateusz\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2060_gtaprocess.exe => Brak pliku FirewallRules: [UDP Query User{D4EA528C-B5F4-4379-A0BA-9A3669F871E5}C:\users\mateusz\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2060_gtaprocess.exe] => (Allow) C:\users\mateusz\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2060_gtaprocess.exe => Brak pliku FirewallRules: [TCP Query User{630A8FED-3FA8-4717-9FB0-D5C8CAE785AF}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.441\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.441\opera.exe => Brak pliku FirewallRules: [UDP Query User{BB2ACE87-2E2E-43FE-A1DD-4CB036A47E55}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.441\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.441\opera.exe => Brak pliku FirewallRules: [TCP Query User{1A7030D1-ADA5-4399-AC20-3A66B67D6612}X:\world of tanks\wargaming.net\gamecenter\wgc.exe] => (Block) X:\world of tanks\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [UDP Query User{23CDFB0D-E5B0-4886-979D-75B326714232}X:\world of tanks\wargaming.net\gamecenter\wgc.exe] => (Block) X:\world of tanks\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [TCP Query User{793841A4-BA52-4AC5-B710-62195A90A04B}C:\users\mateusz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateusz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{9038C3D6-1C7A-4845-BCE1-022560128999}C:\users\mateusz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateusz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{9990FAD9-79B3-45DC-9629-794032576C0B}X:\gry\mudrunner\mudrunner.exe] => (Block) X:\gry\mudrunner\mudrunner.exe => Brak pliku FirewallRules: [UDP Query User{ED16316E-D6AA-4E21-AAC8-5FFBF3BE2FF6}X:\gry\mudrunner\mudrunner.exe] => (Block) X:\gry\mudrunner\mudrunner.exe => Brak pliku FirewallRules: [TCP Query User{039DDA9A-3F1C-4130-8834-CB35A9A0976D}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.449\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.449\opera.exe => Brak pliku FirewallRules: [UDP Query User{ABAA9F9F-0AC6-40A6-8BD6-59F5971B3A9A}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.449\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.449\opera.exe => Brak pliku FirewallRules: [TCP Query User{9E0A6355-E034-4021-BAA3-B2FDD0DEE0EC}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.456\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.456\opera.exe => Brak pliku FirewallRules: [UDP Query User{164F491B-4E61-40D5-A016-6D561B3B4E7B}C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.456\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\71.0.3770.456\opera.exe => Brak pliku FirewallRules: [TCP Query User{785CF041-D749-496A-B565-33BEFA39D3BB}C:\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [UDP Query User{F3DB0EC6-E5F4-4372-9106-9364D22D18D1}C:\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [TCP Query User{FF21F8FC-5907-4481-8497-CC30BC7EC382}C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.459\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.459\opera.exe => Brak pliku FirewallRules: [UDP Query User{8C0D41FC-5D25-4EA3-955F-2DE6C75233CF}C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.459\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.459\opera.exe => Brak pliku FirewallRules: [TCP Query User{E970550F-4C31-4CBF-8B34-4B15A1778FED}X:\gry\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) X:\gry\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Brak pliku FirewallRules: [UDP Query User{D1AF9629-2A10-416D-9E95-D9354C256F13}X:\gry\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) X:\gry\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Brak pliku FirewallRules: [TCP Query User{630D2B39-5EA4-4031-9F56-E585E01ED202}C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.465\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.465\opera.exe => Brak pliku FirewallRules: [UDP Query User{F6963628-331A-4283-89BB-24EBD0311402}C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.465\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.465\opera.exe => Brak pliku FirewallRules: [TCP Query User{85ABEF5F-DD57-430D-AF27-5C6C35A0FC36}C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.473\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.473\opera.exe => Brak pliku FirewallRules: [UDP Query User{34B9F12E-5514-4A06-8053-771B4F07E47F}C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.473\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.473\opera.exe => Brak pliku FirewallRules: [TCP Query User{4FAF32FE-3847-47B9-A3D9-B273ADAA7678}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe FirewallRules: [UDP Query User{5F388AF9-B365-4D42-AA33-20ED002D4B2C}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe FirewallRules: [TCP Query User{25F245EA-1161-404B-8A48-EB7F70347F7E}C:\users\mateusz\desktop\battle.realms.zen.edition.v1.56.3\battle realms\battle_realms_ef.exe] => (Block) C:\users\mateusz\desktop\battle.realms.zen.edition.v1.56.3\battle realms\battle_realms_ef.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{6CF8F6C1-7913-4793-9321-3F567EE13909}C:\users\mateusz\desktop\battle.realms.zen.edition.v1.56.3\battle realms\battle_realms_ef.exe] => (Block) C:\users\mateusz\desktop\battle.realms.zen.edition.v1.56.3\battle realms\battle_realms_ef.exe () [Brak podpisu cyfrowego] FirewallRules: [{1E123FC9-C208-415A-9C6B-4AF653EC4559}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8C8C5A4E-CB9A-449B-93B9-9DD30C96FED1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{223847B6-DCC8-45FC-905E-FA9E73E776B1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8E8A68FB-0F54-49CA-B73F-3653BFE1B386}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{8BF393C0-213B-4782-8646-9435E5DBDEE4}C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.487\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.487\opera.exe => Brak pliku FirewallRules: [UDP Query User{114D44A5-CDE3-403A-BE48-A6B29DEAD41E}C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.487\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\72.0.3815.487\opera.exe => Brak pliku FirewallRules: [{DD7D17B2-D946-4CBB-BE6C-BE82B16AD181}] => (Allow) X:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => Brak pliku FirewallRules: [{8EF1DE7F-97F3-4512-8B21-11B2D61E79E8}] => (Allow) X:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => Brak pliku FirewallRules: [{9F395125-8069-4E6B-A266-1309309988F6}] => (Allow) X:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => Brak pliku FirewallRules: [{A441DA35-18E6-4952-A7DE-58ADA3B3FAE5}] => (Allow) X:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => Brak pliku FirewallRules: [{DF973C3A-29A3-43E1-BE4F-10D3E753DF06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{52419D4B-7271-41EC-AA1C-9EAFF7D0E8FA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{010A751A-A556-49DB-9150-E2D6D27C8BEF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{73E79C5F-5712-4FB9-8403-B966F16B19B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [TCP Query User{F6BF1C35-2A57-4F0F-8FEE-533ADD21FB00}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.396\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.396\opera.exe => Brak pliku FirewallRules: [UDP Query User{05CE1D83-D42B-4685-A42C-0024D0B5B08D}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.396\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.396\opera.exe => Brak pliku FirewallRules: [TCP Query User{9AC9D9BF-7203-4C7E-82F9-0A2472E80F14}X:\gry\horizon - zero down ce\horizonzerodawn.exe] => (Block) X:\gry\horizon - zero down ce\horizonzerodawn.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{47268353-98EC-4601-9CF7-3D0420EC3DAB}X:\gry\horizon - zero down ce\horizonzerodawn.exe] => (Block) X:\gry\horizon - zero down ce\horizonzerodawn.exe () [Brak podpisu cyfrowego] FirewallRules: [{9574FE67-B163-4043-A0B6-D6F4948469C4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C24568C5-47E7-4285-AEB1-7D1B3CDA2AB0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4561AD2E-B46A-4861-B899-84E5EECEB6D7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1523BC07-139A-4B2D-B82F-7D49DA9CA25D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{8426D976-C8CC-4B44-A3EC-32033897E078}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe => Brak pliku FirewallRules: [UDP Query User{70C45A95-38B1-42FF-9C36-868C2D58E6F3}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe => Brak pliku FirewallRules: [{F35B42B8-F367-40EA-9888-AE8D24E8B54A}] => (Allow) C:\Program Files\e2eSoft\iVCam\iVCam.exe => Brak pliku FirewallRules: [{E5F5C062-0C2D-4382-8B8D-AEC3C3EBA703}] => (Allow) C:\Program Files\e2eSoft\iVCam\iVCam.exe => Brak pliku FirewallRules: [{0BDC437A-4D0A-4DC8-931B-23281D42EC8B}] => (Allow) C:\Program Files (x86)\Iriun Webcam\webcam.exe () [Brak podpisu cyfrowego] FirewallRules: [{35BBECC7-4097-4A47-9281-000A328950CC}] => (Allow) C:\Program Files (x86)\Iriun Webcam\webcam.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{5C6A58B4-A847-4087-B8EF-173711B5CEBA}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Brak pliku FirewallRules: [UDP Query User{262886D0-29B2-4008-9696-82C5788D433A}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Brak pliku FirewallRules: [{A13E3C81-5997-4235-94AF-2AC647E56F63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{CCBD172D-7B95-4677-9281-F6AEAA0323F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5A6D7870-203F-43DB-AC24-C601240D0EBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A7CB6EFE-CB49-4FDA-8BA2-6A31F5ACE144}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{5518C601-CB82-4777-860B-913ACB04FA48}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.408\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.408\opera.exe => Brak pliku FirewallRules: [UDP Query User{0A9394B1-96D5-4F40-8220-596CFCCEC851}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.408\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.408\opera.exe => Brak pliku FirewallRules: [{9C82DB9E-4E61-465A-B43C-1AAB0ABE117A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{04925F31-1CFC-496F-9B25-256DA8D98C97}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{85CC615F-F0A5-496C-A704-48D7FC9896E2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{AB6780A7-619D-43B9-B017-3A1BD0828712}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2584F1AF-EBB9-4C64-98F4-54A7FCB6AB3D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{BA7DC2AC-598D-4375-9CEA-886740CF47EF}X:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Block) X:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [UDP Query User{3361C538-034F-4992-88CF-5851D85C81C6}X:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Block) X:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [TCP Query User{F0F197B2-1B80-4421-A5DF-60F7A4449B5C}X:\games\stronghold - warlords\bin\win32_release\strongholdwarlords.exe] => (Block) X:\games\stronghold - warlords\bin\win32_release\strongholdwarlords.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{B89611E3-9AD0-491B-B288-B8CCE2689318}X:\games\stronghold - warlords\bin\win32_release\strongholdwarlords.exe] => (Block) X:\games\stronghold - warlords\bin\win32_release\strongholdwarlords.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{3F12AFBB-31E9-4297-B24D-B21AF5A850C5}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => Brak pliku FirewallRules: [UDP Query User{AFCCFAE6-7D71-43E7-BE63-7889DCFE822B}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => Brak pliku FirewallRules: [TCP Query User{92D63216-7CEC-430D-8787-743746CFFDF9}C:\users\mateusz\appdata\local\temp\scoped_dir11760_971800693\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\mateusz\appdata\local\temp\scoped_dir11760_971800693\fivem.app\cache\subprocess\fivem_gtaprocess.exe => Brak pliku FirewallRules: [UDP Query User{590E5750-6373-4408-8FAC-EC45E3809C27}C:\users\mateusz\appdata\local\temp\scoped_dir11760_971800693\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\mateusz\appdata\local\temp\scoped_dir11760_971800693\fivem.app\cache\subprocess\fivem_gtaprocess.exe => Brak pliku FirewallRules: [TCP Query User{655F65A9-9851-4BD6-A3C5-FC6B688A9DB0}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.421\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.421\opera.exe => Brak pliku FirewallRules: [UDP Query User{BA014D79-3133-48B0-875F-9A2532E52CC8}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.421\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.421\opera.exe => Brak pliku FirewallRules: [TCP Query User{362187C1-9C46-4CB4-9098-1CB2EA6AFF2B}C:\users\mateusz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateusz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{8C4C9BA3-37A0-49D4-90F0-6E81823CC909}C:\users\mateusz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateusz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{93DF0583-FC2C-4C05-A29F-FE8D1392B874}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => Brak pliku FirewallRules: [UDP Query User{6023FFE6-DC5F-4E5D-AB4A-18A374BB27B0}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => Brak pliku FirewallRules: [{92A4D0AF-578D-4551-9EAE-75B080D3D8A1}] => (Allow) C:\Program Files\BlueStacks_bgp64\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [TCP Query User{9BEC63BD-23F1-43FD-A24F-51988DD61C05}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => Brak pliku FirewallRules: [UDP Query User{567E3A85-C202-4CD8-8862-CCBDCAC52A43}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => Brak pliku FirewallRules: [{FF6FF78D-2159-4E6D-92B4-E6862A86E8DB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{861FB57F-48C2-4D23-A141-F223AA118269}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.431\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.431\opera.exe => Brak pliku FirewallRules: [UDP Query User{8B4B31DF-7090-4B28-96DE-C4B2A8D47E6D}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.431\opera.exe] => (Allow) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.431\opera.exe => Brak pliku FirewallRules: [TCP Query User{8F823ED8-C319-4A2C-A7D7-D4133776383D}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.434\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.434\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{8B17291F-4E40-4575-A1B8-2577375E3E60}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.434\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.434\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{827EC79C-C0DD-4C0A-92D7-7F352D232A17}X:\gry\satisfactory v0.4.1.0-early access\satisfactory v0.4.1.0-early access\satisfactory\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) X:\gry\satisfactory v0.4.1.0-early access\satisfactory v0.4.1.0-early access\satisfactory\engine\binaries\win64\ue4-win64-shipping.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{AE5658CB-8564-4515-97A1-B8E618FE0A39}X:\gry\satisfactory v0.4.1.0-early access\satisfactory v0.4.1.0-early access\satisfactory\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) X:\gry\satisfactory v0.4.1.0-early access\satisfactory v0.4.1.0-early access\satisfactory\engine\binaries\win64\ue4-win64-shipping.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{479F2C23-2193-4C07-9BDB-1CC463740758}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.438\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.438\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{FB23D453-FE7A-4E51-BEA1-55FAD02FCEF7}C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.438\opera.exe] => (Block) C:\users\mateusz\appdata\local\programs\opera gx\73.0.3856.438\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{BC67A118-C341-4D47-8BB8-9E0E0D8D17DA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{851FB9C7-AF0D-4BF4-AC8D-5938414BC7BF}] => (Allow) C:\Windows\rss\csrss.exe () [Brak podpisu cyfrowego] ==================== Punkty Przywracania systemu ========================= 21-04-2021 23:04:06 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Standardowa klawiatura PS/2 Description: Standardowa klawiatura PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Klawiatury standardowe) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Mysz Microsoft PS/2 Description: Mysz Microsoft PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (04/22/2021 12:39:35 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu Windows Defender na wartość SECURITY_PRODUCT_STATE_ON. Error: (04/22/2021 12:39:33 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu Windows Defender na wartość SECURITY_PRODUCT_STATE_ON. Error: (04/22/2021 12:28:23 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" w wierszu 0. Nieprawidłowa składnia XML. Error: (04/22/2021 12:28:11 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" w wierszu 0. Nieprawidłowa składnia XML. Error: (04/22/2021 12:27:08 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" w wierszu 0. Nieprawidłowa składnia XML. Error: (04/22/2021 12:27:06 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" w wierszu 0. Nieprawidłowa składnia XML. Error: (04/22/2021 12:26:59 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" w wierszu 0. Nieprawidłowa składnia XML. Error: (04/22/2021 12:25:49 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" w wierszu 0. Nieprawidłowa składnia XML. Dziennik System: ============= Error: (04/22/2021 12:29:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SSGDIO z powodu następującego błędu: Odmowa dostępu. Error: (04/22/2021 12:29:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi inpoutx64 z powodu następującego błędu: Odmowa dostępu. Error: (04/22/2021 12:29:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Service KMSELDI z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (04/22/2021 12:29:11 AM) (Source: VBoxNetLwf) (EventID: 12) (User: ) Description: Sterownik wykrył błąd wewnętrzny sterownika na \Device\VBoxNetLwf. Error: (04/22/2021 12:28:38 AM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1115 podczas próby uruchomienia usługi SecurityHealthService z argumentami Niedostępny w celu uruchomienia serwera: {8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0} Error: (04/22/2021 12:28:38 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QGFNIKH) Description: Serwer {9BA05972-F6A8-11CF-A442-00A0C90A8F39} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (04/22/2021 12:28:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SSGDIO z powodu następującego błędu: Odmowa dostępu. Error: (04/22/2021 12:28:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi inpoutx64 z powodu następującego błędu: Odmowa dostępu. Windows Defender: ================ Date: 2021-04-22 00:03:19 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Contebrew.A!ml&threatid=251873&enterprise=0 Nazwa: Program:Win32/Contebrew.A!ml Identyfikator: 251873 Ważność: Niski Kategoria: Potencjalnie niechciane oprogramowanie Ścieżka: containerfile:_C:\Users\Mateusz\Downloads\Click_here-PFQJ-AKadgGAzqQQAOUQCAFBMFwAGAMJQdCwA (1).zip; file:_C:\Users\Mateusz\Downloads\Click_here-PFQJ-AKadgGAzqQQAOUQCAFBMFwAGAMJQdCwA (1).zip->Click_here-PFQJ-AKadgGAzqQQAOUQCAFBMFwAGAMJQdCwA.exe; webfile:_C:\Users\Mateusz\Downloads\Click_here-PFQJ-AKadgGAzqQQAOUQCAFBMFwAGAMJQdCwA (1).zip|https://treferae.info/edd579533d89a8dcfea6d69310a3ebf6/download.asp|pid:11656,ProcessStart:132635161952331446 Pochodzenie wykrycia: Internet Typ wykrycia: FastPath Źródło wykrycia: Pobrania i załączniki Użytkownik: DESKTOP-QGFNIKH\Mateusz Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.335.1365.0, AS: 1.335.1365.0, NIS: 1.335.1365.0 Wersja aparatu: AM: 1.1.18000.5, NIS: 1.1.18000.5 Date: 2021-04-21 23:55:39 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nazwa: HackTool:Win32/AutoKMS Identyfikator: 2147685180 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: containerfile:_C:\Program Files\KMSpico\KMSELDI.exe; file:_C:\Program Files\KMSpico\KMSELDI.exe->[MSILRES:KMSELDI.SECOH-QAD.x86.dll]; file:_C:\Program Files\KMSpico\KMSELDI.exe->[MSILRES:KMSELDI.SECOH-QAD.x86.exe]; file:_C:\Program Files\KMSpico\scripts\UnInstall_Service.cmd Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: C:\Windows\System32\cmd.exe Wersja analizy zabezpieczeń: AV: 1.335.1365.0, AS: 1.335.1365.0, NIS: 1.335.1365.0 Wersja aparatu: AM: 1.1.18000.5, NIS: 1.1.18000.5 Date: 2021-04-21 23:55:39 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nazwa: HackTool:Win64/AutoKMS Identyfikator: 2147723334 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: containerfile:_C:\Program Files\KMSpico\KMSELDI.exe; file:_C:\Program Files\KMSpico\KMSELDI.exe->[MSILRES:KMSELDI.SECOH-QAD.x64.dll]; file:_C:\Program Files\KMSpico\KMSELDI.exe->[MSILRES:KMSELDI.SECOH-QAD.x64.exe] Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: DESKTOP-QGFNIKH\Mateusz Nazwa procesu: C:\Windows\explorer.exe Wersja analizy zabezpieczeń: AV: 1.335.1365.0, AS: 1.335.1365.0, NIS: 1.335.1365.0 Wersja aparatu: AM: 1.1.18000.5, NIS: 1.1.18000.5 Date: 2021-04-21 23:55:38 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nazwa: HackTool:Win32/AutoKMS Identyfikator: 2147685180 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: containerfile:_C:\Program Files\KMSpico\KMSELDI.exe; file:_C:\Program Files\KMSpico\KMSELDI.exe->[MSILRES:KMSELDI.SECOH-QAD.x86.dll]; file:_C:\Program Files\KMSpico\KMSELDI.exe->[MSILRES:KMSELDI.SECOH-QAD.x86.exe]; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk; uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.335.1365.0, AS: 1.335.1365.0, NIS: 1.335.1365.0 Wersja aparatu: AM: 1.1.18000.5, NIS: 1.1.18000.5 Date: 2021-04-21 23:55:38 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nazwa: HackTool:Win64/AutoKMS Identyfikator: 2147723334 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: containerfile:_C:\Program Files\KMSpico\KMSELDI.exe; file:_C:\Program Files\KMSpico\KMSELDI.exe->[MSILRES:KMSELDI.SECOH-QAD.x64.dll]; file:_C:\Program Files\KMSpico\KMSELDI.exe->[MSILRES:KMSELDI.SECOH-QAD.x64.exe]; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk; uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: C:\Windows\explorer.exe Wersja analizy zabezpieczeń: AV: 1.335.1365.0, AS: 1.335.1365.0, NIS: 1.335.1365.0 Wersja aparatu: AM: 1.1.18000.5, NIS: 1.1.18000.5 Date: 2021-04-15 23:06:01 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby przekazania podejrzanego pliku do dalszej analizy. Nazwa pliku: C:\Users\Mateusz\Downloads\dd4eef39-1301-4a38-a49a-55e553048a2b.tmp Sha256: 52d22b2890825bed6470c9b2eecf5cdae9ed03d54d8953d68141a6331c9de925 Bieżąca wersja analizy zabezpieczeń: AV: 1.335.889.0, AS: 1.335.889.0 Bieżąca wersja aparatu: 1.1.18000.5 Kod błędu: 0x80508016 CodeIntegrity: =============== Date: 2021-04-22 00:50:36 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. P4.80 03/10/2021 Płyta główna: ASRock B450 Gaming K4 Procesor: AMD Ryzen 5 3600 6-Core Processor Procent pamięci w użyciu: 43% Całkowita pamięć fizyczna: 16308.91 MB Dostępna pamięć fizyczna: 9139.71 MB Całkowita pamięć wirtualna: 21428.91 MB Dostępna pamięć wirtualna: 7098.92 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:222.95 GB) (Free:15.51 GB) NTFS Drive x: (Nowy) (Fixed) (Total:931.51 GB) (Free:290.24 GB) NTFS \\?\Volume{8b566fdc-7706-4937-a91e-49430a2aef54}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS \\?\Volume{72fd7138-566f-47e5-a5b3-1e0be41c1008}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: 5E81EB79) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 5E81EB7D) Partition: GPT. ==================== Koniec Addition.txt =======================