Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 01.07.2024 Uruchomiony przez emili (04-07-2024 23:09:31) Uruchomiony z C:\Users\emili\AppData\Local\Temp\scoped_dir8472_2064494085 Microsoft Windows 11 Home Wersja 23H2 22631.3810 (X64) (2023-11-30 17:55:21) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-344851665-1215438941-605073250-500 - Administrator - Disabled) emili (S-1-5-21-344851665-1215438941-605073250-1001 - Administrator - Enabled) => C:\Users\emili Gość (S-1-5-21-344851665-1215438941-605073250-501 - Limited - Disabled) Konto domyślne (S-1-5-21-344851665-1215438941-605073250-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-344851665-1215438941-605073250-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Combo Cleaner (HKLM\...\{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.63.0 - RCS LT) Hidden Combo Cleaner (HKLM-x32\...\InstallShield_{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.63.0 - RCS LT) CPUID CPU-Z 2.09 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.09 - CPUID, Inc.) CPUID HWMonitor 1.52 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.52 - CPUID, Inc.) Discord (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\Discord) (Version: 1.0.9025 - Discord Inc.) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.235.0.5748 - Electronic Arts) Hidden EA app (HKLM-x32\...\{c467f425-8ccb-480e-a66d-e77fad36e5b2}) (Version: 13.235.0.5748 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{A662430E-6319-4082-8D9F-ABC0359B892A}) (Version: 1.3.93.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.) FiveM (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\CitizenFX_FiveM) (Version: - Cfx.re) GIMP 2.10.36 (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\GIMP-2_is1) (Version: 2.10.36 - The GIMP Team) HeidiSQL 12.7.0.6850 (HKLM\...\HeidiSQL_is1) (Version: 12.7 - Ansgar Becker) Intel(R) Chipset Device Software (HKLM\...\{E6CC1C02-638D-44F5-8BAE-E455453F80BA}) (Version: 10.1.19468.8385 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{8af15a1a-f70d-4968-84c0-97df0607c3e6}) (Version: 10.1.19468.8385 - Intel(R) Corporation) Intel(R) Extreme Tuning Utility (HKLM-x32\...\{656d6e57-cf22-4974-b6f5-a94ce20c1471}) (Version: 7.13.1.5 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{47D5774F-BBF9-401C-B909-B056C0391B39}) (Version: 30.100.2237.26 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2237.26 - Intel Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Malwarebytes version 5.1.6.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.6.117 - Malwarebytes) Microsoft 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.17726.20126 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.87 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\OneDriveSetup.exe) (Version: 24.116.0609.0005 - Microsoft Corporation) Microsoft OneNote - pl-pl (HKLM\...\OneNoteFreeRetail - pl-pl) (Version: 16.0.17726.20126 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual Studio Code (User) (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.91.0 - Microsoft Corporation) MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD) MSI App Player (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\BlueStacks X_msi5) (Version: 10.0.30.6340 - now.gg, Inc.) MSI App Player Engine (HKLM\...\BlueStacks_msi5) (Version: 5.12.120.6303 - now.gg, Inc.) MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2024.0426.01 - MSI) MSI NBFoundation Service (HKLM-x32\...\{640EFA76-B899-476B-B2DF-D0CCF11D6083}}_is1) (Version: 2.0.2404.1901 - MSI) Need for Speed™ Heat (HKLM-x32\...\{8DA46384-7F54-4265-B90F-69BBC08DC3A1}) (Version: 1.0.60.7040 - Electronic Arts) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation) NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA Sterownik graficzny 551.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.23 - NVIDIA Corporation) NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20108 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden OpenIV (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\OpenIV) (Version: 4.1.1502 - .black/OpenIV Team) Opera GX Stable 109.0.5097.142 (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\Opera GX 109.0.5097.142) (Version: 109.0.5097.142 - Opera Software) Opera Stable 111.0.5168.55 (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\Opera 111.0.5168.55) (Version: 111.0.5168.55 - Opera Software) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.254.0.12 - Overwolf Ltd.) Porofessor.gg (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.7.364 - Overwolf app) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9448.1 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.10.0720.2022 - Realtek) Riot Client (HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.92.2003 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.3.1 - Rockstar Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.87 - Microsoft Corporation) WinRAR 6.24 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH) XAMPP (HKLM\...\xampp) (Version: 8.2.12-0 - Apache Friends) Packages: ========= AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5536.0_x64__8j3eq9eme6ctt [2024-06-14] (INTEL CORP) [Startup Task] Camo Studio -> C:\Program Files\WindowsApps\ReincubateLtd.CamoStudio_2.1.130.0_x64__9bq3v28c93p4r [2024-06-10] (Reincubate) Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.23306.1292.0_x64__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation) LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.30.0_x64__w1wdnht996qgy [2024-06-02] (LinkedIn) [Startup Task] Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2140.12.228.0_x64__8xx8rvfyw5nnt [2024-06-25] (Meta) [Startup Task] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-12-07] (Microsoft Corp.) Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21110.548.0_x64__8wekyb3d8bbwe [2024-03-22] (Microsoft Corporation) Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.1293.0_x64__8wekyb3d8bbwe [2024-06-02] (Microsoft Corporation) Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-03-22] (Microsoft Corporation) Microsoft.D3DMappingLayers -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2406.1.0_x64__8wekyb3d8bbwe [2024-07-03] (Microsoft Corporation) MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24052.57.0_x64__cw5n1h2txyewy [2024-06-21] (Microsoft Windows) [Startup Task] MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.38.0_x64__kzh8wxbdkxb8p [2024-06-30] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task] MSI Common -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICommon_1.0.4.0_x64__kzh8wxbdkxb8p [2024-06-02] (MICRO-STAR INTERNATIONAL CO., LTD) MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_2.0.16.0_x64__kzh8wxbdkxb8p [2023-12-01] (MICRO-STAR INTERNATIONAL CO., LTD) Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.1.0_x64__w2gh52qy24etm [2024-05-01] (A-Volute) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.99.5.0_x64__mcm4njqhnhss8 [2024-05-01] (Netflix, Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-29] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.327.0_x64__dt26b99r8h8gj [2024-05-16] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0 [2024-06-21] (Spotify AB) [Startup Task] Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2424.6.0_x64__cv1g1gvanyjgm [2024-06-27] (WhatsApp Inc.) [Startup Task] WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-27] (Microsoft Corp.) WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-27] (Microsoft Corp.) Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-06-26] (Microsoft Windows) WinRAR -> C:\Program Files\WinRAR [2023-12-01] (win.rar GmbH) Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.20006.0_x64__8wekyb3d8bbwe [2024-06-30] (Microsoft Corporation) [Startup Task] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-344851665-1215438941-605073250-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\emili\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-07-04] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_2a8cae9d0cba5813\nvshext.dll [2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-07-04] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2019-08-15 21:13 - 2019-08-15 21:13 - 001265664 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Combo Cleaner\runtimes\win-x64\native\e_sqlite3.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk:104946E0EA [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [3442] AlternateDataStreams: C:\Users\emili\Downloads\FRST64.exe:MBAM.Zone.Identifier [193] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-11] (Microsoft Corporation -> Microsoft Corporation) Toolbar: HKLM-x32 - Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-344851665-1215438941-605073250-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\emili\OneDrive\Pulpit\test.png DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKLM\...\StartupApproved\Run: => "Combo Cleaner" HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\StartupApproved\Run: => "Opera GX Stable" HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\StartupApproved\Run: => "Opera Stable" HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_998EE77CCECDD7D64F52D25BBF695A8B" HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\StartupApproved\Run: => "RiotClient" HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant" HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-344851665-1215438941-605073250-1001\...\StartupApproved\Run: => "EADM" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{C2B23ADF-9418-424A-A3F3-4B48A69ECFE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A7F1C45A-928A-4B83-A69A-0E85CEAA8EBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{38CFD7E8-C5B3-4100-9ADF-EE69389072E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E4831817-0AE1-47AF-8D97-E83A1AA79D09}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{B148D62C-371C-49C7-8AB4-3B5E51032344}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{BD040F79-296B-40EE-954E-1B5A022902C9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{1BFD3A46-C1FA-48AE-9267-4AF5DBFADF97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{0BBEB9D0-97DA-44B5-9676-E4B6694EE3D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{1CE3A7A4-B30F-4186-B522-43577FE65F19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{50887945-2354-4777-8364-F205E2EF4595}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{1A20C900-948F-41A4-BD0F-4A2F945DFDC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{7196C9BB-3DD7-40D0-9D1B-5E2B7ABB737C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{6B6AC420-3239-4A32-B00D-AEB4F19D4AEB}] => (Allow) C:\Program Files (x86)\BlueStacks X_msi5\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.) FirewallRules: [{F5F15618-4EDB-4850-A959-275962148838}] => (Allow) C:\Program Files (x86)\BlueStacks X_msi5\Cloud Game.exe (Now.gg, INC -> COMPANY NAME) FirewallRules: [{373BDFCD-2A31-4FC9-B22C-58BC82EF994B}] => (Allow) C:\Program Files\BlueStacks_msi5\HD-Player.exe (Now.gg, INC -> BlueStack Systems) FirewallRules: [{C9016893-48FF-4F3B-B892-577EF1B67320}] => (Allow) C:\Program Files\BlueStacks_msi5\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.) FirewallRules: [{B641174B-44C8-46B5-A098-3121C3F3D582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{BF3E81D6-1C1D-4ED9-ACEB-4FFE72C0E262}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{B582AA32-CFCB-4468-84C1-821E408BCC4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Brak podpisu cyfrowego] FirewallRules: [{89019CE4-C5CF-483D-A924-68F0CE9B3F0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{03A1D3EC-9ADC-41EB-AC89-E969D8BAA178}C:\users\emili\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\emili\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{4D39C8B1-00A9-4EF5-9BD9-865F561EB1BF}C:\users\emili\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\emili\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{7F2F54E5-D7DE-4289-A76B-5C38945309A9}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Block) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{795D47C6-157F-4722-BF22-21B80EE25E84}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Block) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{A06F531A-724E-47C3-B70C-2B62E73A80D1}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe (Electronic Arts -> Electronic Arts) FirewallRules: [UDP Query User{08FB135A-5A47-4165-9765-C2D822F84CF0}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe (Electronic Arts -> Electronic Arts) FirewallRules: [TCP Query User{021257BE-F585-49EA-9B89-01A99970A5E4}C:\users\emili\appdata\roaming\crystal-launcher\runtime\64\jdk-17.0.1+12\bin\javaw.exe] => (Allow) C:\users\emili\appdata\roaming\crystal-launcher\runtime\64\jdk-17.0.1+12\bin\javaw.exe FirewallRules: [UDP Query User{6E80FAAC-C37B-4B48-A4D2-3799B6C40EB1}C:\users\emili\appdata\roaming\crystal-launcher\runtime\64\jdk-17.0.1+12\bin\javaw.exe] => (Allow) C:\users\emili\appdata\roaming\crystal-launcher\runtime\64\jdk-17.0.1+12\bin\javaw.exe FirewallRules: [{8C270B21-94DE-4696-924D-814EC38A05DF}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe (Electronic Arts) [Brak podpisu cyfrowego] FirewallRules: [{9A14CF6F-4FD2-4907-BAD3-A32A251472C9}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe (Electronic Arts) [Brak podpisu cyfrowego] FirewallRules: [{0E398BD5-AA4B-412C-BB4E-743E06F02F77}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeat.exe (Electronic Arts) [Brak podpisu cyfrowego] FirewallRules: [{9CFA9BCA-2412-4FA5-B45A-ADE4C423088F}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeat.exe (Electronic Arts) [Brak podpisu cyfrowego] FirewallRules: [{E77649AD-E6D3-4E04-95AB-64577EF932F1}] => (Allow) C:\Program Files\WindowsApps\ReincubateLtd.CamoStudio_2.1.130.0_x64__9bq3v28c93p4r\CamoStudio.exe (3699905D-9A67-4D0C-A440-7BC4023B2C93 -> Reincubate) FirewallRules: [{87B62AFF-B28A-418D-A3C8-C1D276772695}] => (Allow) C:\Program Files\WindowsApps\ReincubateLtd.CamoStudio_2.1.130.0_x64__9bq3v28c93p4r\CamoStudio.exe (3699905D-9A67-4D0C-A440-7BC4023B2C93 -> Reincubate) FirewallRules: [{D23B42C9-2DD4-4722-8468-6D15CA26CCEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{7088A9C8-2EF4-455A-A997-1CA8432ACDF6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E6CE0D37-80AA-41F5-A509-179F87254E35}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{AE227C37-38D1-49BF-BDD7-F1E64A594104}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2414CA78-A451-49DC-9A37-189EC8E93E2C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{3C4966B9-62BC-467C-BD30-895586A9694D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{8BB8EBF9-840C-4BE0-BC52-B615022618D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{072F2633-0FA4-4B83-9D9B-F11A70E8F91B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2D3E47B8-8C84-40B3-A42E-DDE41BC3EC0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{608DB051-04A9-43FD-B50E-023D4C6FA7AD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{C871D692-112A-4A5A-BA1D-841D715CE533}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24151.2106.2956.9158_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5D7CCDDE-E903-4D73-85C9-6BF7B91AFBD8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24151.2106.2956.9158_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{0B217D0F-240C-4C26-A97D-5D0B006A934E}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [UDP Query User{C98818C2-D3A1-4496-B4AB-106618B63FF5}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [TCP Query User{31710AB4-5327-4BF0-B406-7E38534A7349}C:\users\emili\onedrive\pulpit\gry\serwer\localhost\fxserver.exe] => (Allow) C:\users\emili\onedrive\pulpit\gry\serwer\localhost\fxserver.exe => Brak pliku FirewallRules: [UDP Query User{AC2B5D0D-CE9D-49E5-8916-8CB07BEA76C1}C:\users\emili\onedrive\pulpit\gry\serwer\localhost\fxserver.exe] => (Allow) C:\users\emili\onedrive\pulpit\gry\serwer\localhost\fxserver.exe => Brak pliku FirewallRules: [TCP Query User{D9E3DE18-FA9B-4510-910B-804B9B8F27A9}C:\users\emili\onedrive\pulpit\localhost\fxserver.exe] => (Allow) C:\users\emili\onedrive\pulpit\localhost\fxserver.exe (Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{BDE4B701-576C-4D12-9977-6E19991D0FDA}C:\users\emili\onedrive\pulpit\localhost\fxserver.exe] => (Allow) C:\users\emili\onedrive\pulpit\localhost\fxserver.exe (Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{8594A6CD-252F-4CF3-BB8B-5557F530386E}C:\users\emili\appdata\local\fivem\fivem.exe] => (Allow) C:\users\emili\appdata\local\fivem\fivem.exe (Rockstar Games, Inc. -> Cfx.re) FirewallRules: [UDP Query User{584AF35C-1288-4DEC-B0C6-DFFD1A70487F}C:\users\emili\appdata\local\fivem\fivem.exe] => (Allow) C:\users\emili\appdata\local\fivem\fivem.exe (Rockstar Games, Inc. -> Cfx.re) FirewallRules: [TCP Query User{C1C11874-FBD1-4997-88BC-DA8B8DC8E17C}C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2944_gtaprocess.exe] => (Allow) C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2944_gtaprocess.exe (Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{F5B8C0D2-E549-4D4E-8EA3-28DDDDA149C4}C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2944_gtaprocess.exe] => (Allow) C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2944_gtaprocess.exe (Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [{C799E736-08FE-4490-9523-498FF89F9F85}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{32FB1952-D261-440C-9F98-B4765B16BD95}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{AF78BB2D-D63F-4E6E-A011-5B45390F56E9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{9FD6013E-C14C-4EF0-98ED-2C8DC2ABA7B8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{E2FDD1EE-1C31-409E-9CF2-A17C80842EBE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{5D0BE922-AABE-4192-8DC5-13C3C40067A0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{12F59DBB-E31D-40F8-A8FD-ACB18CB9F239}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{45C80277-E4FF-4635-BC33-433501286F6E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{98639D3D-144E-4DC7-9AC9-84BF271C694E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{0474065B-B68B-4AA8-90FD-040F738B257B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{526E1F3F-CE39-48B5-87DB-E69FF53FDF94}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{A803D199-3E7F-45AA-8F2C-37E2040DF503}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{EDC47885-5BB7-431A-9840-B2FCCD744980}C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe] => (Allow) C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe (Rockstar Games, Inc. -> Cfx.re) FirewallRules: [UDP Query User{DBFE7C01-2435-42A2-A3E7-62A958F59737}C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe] => (Allow) C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_steamchild.exe (Rockstar Games, Inc. -> Cfx.re) FirewallRules: [TCP Query User{40BE7DDB-7C14-4EC1-99BA-5224B2C59FC0}C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe] => (Allow) C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe (Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{629A4A12-20FD-45FE-A19D-B5207A757922}C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe] => (Allow) C:\users\emili\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe (Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [{2B32D3CC-4EA3-4AA2-ADED-FA7C993ACC6C}] => (Allow) LPort=32683 FirewallRules: [{9AE32969-43E3-48BE-A9CA-18DD6B0261C8}] => (Allow) LPort=26822 FirewallRules: [{95E06C7F-2299-4DC0-A659-FA097C90D66A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FD49D1FB-FCC1-4567-B228-8398DF726B6F}] => (Allow) C:\Program Files (x86)\Overwolf\0.251.2.1\OverwolfBrowser.exe => Brak pliku FirewallRules: [{8C903E15-4478-46B1-843B-18713C2D7A64}] => (Allow) C:\Program Files (x86)\Overwolf\0.251.2.1\OverwolfBrowser.exe => Brak pliku FirewallRules: [{A6CE5234-6EDD-4054-B403-787D3E3199D7}] => (Block) C:\Program Files (x86)\Overwolf\0.251.2.1\OverwolfBrowser.exe => Brak pliku FirewallRules: [{A4A8850B-4605-4716-9A28-9C3CF3F2C361}] => (Block) C:\Program Files (x86)\Overwolf\0.251.2.1\OverwolfBrowser.exe => Brak pliku FirewallRules: [{6B455DC4-B4A2-4752-8646-661B2F7B2DB2}] => (Allow) C:\Program Files (x86)\Overwolf\0.251.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{54DD9B1D-DB73-4744-BA00-D53ED9A1177F}] => (Allow) C:\Program Files (x86)\Overwolf\0.251.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{1ECF0E24-2EA5-4FF5-81F2-C99644C213C3}] => (Block) C:\Program Files (x86)\Overwolf\0.251.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{F4D55748-B132-4759-8252-2009B5FB66E9}] => (Block) C:\Program Files (x86)\Overwolf\0.251.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{167CEA26-8813-46C0-BF95-3EA6833E0D1B}] => (Allow) C:\Users\emili\AppData\Local\Overwolf\ProcessCache\0.251.1.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{E8C54245-0007-4917-9B68-773A81E3D6E9}] => (Allow) C:\Users\emili\AppData\Local\Overwolf\ProcessCache\0.251.1.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{A9DD646D-614D-4F44-BBED-3FA479BE60BD}] => (Block) C:\Users\emili\AppData\Local\Overwolf\ProcessCache\0.251.1.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{65F2F230-777F-452E-BDFF-275442F6688F}] => (Block) C:\Users\emili\AppData\Local\Overwolf\ProcessCache\0.251.1.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{94587B08-9E35-442C-8CAB-C12C0D0A0BE1}] => (Allow) C:\Program Files (x86)\Overwolf\0.254.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{634B3915-6BF4-4040-B91D-3F40735FDCD9}] => (Allow) C:\Program Files (x86)\Overwolf\0.254.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [TCP Query User{4937EF28-A39C-4D48-9F0E-E22E748B91DF}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{1ACB165A-F305-45FF-AF5B-4C8B2799930E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{559C83E7-D1D8-4096-BA5C-1C73933CF7D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A35FB456-7C0C-4742-9914-58C74E07777E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{48600DE9-9BB2-47DD-947C-57668AD47934}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{EAEC856E-3650-4BF2-BC42-6FBB155BF922}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone (Total:454.51 GB) (Free:53.32 GB) (12%) ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (07/04/2024 08:33:40 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować biblioteki DLL rozszerzalnego licznika „C:\Windows\system32\sysmain.dll” (kod błędu systemu Win32: 126). Error: (07/04/2024 08:33:18 PM) (Source: IPF) (EventID: 17) (User: ZARZĄDZANIE NT) Description: Event-ID 17 Error: (07/04/2024 08:33:18 PM) (Source: IPF) (EventID: 17) (User: ZARZĄDZANIE NT) Description: Event-ID 17 Error: (07/04/2024 08:33:18 PM) (Source: IPF) (EventID: 17) (User: ZARZĄDZANIE NT) Description: Event-ID 17 Error: (07/04/2024 08:33:18 PM) (Source: IPF) (EventID: 17) (User: ZARZĄDZANIE NT) Description: Event-ID 17 Error: (07/04/2024 08:33:18 PM) (Source: IPF) (EventID: 17) (User: ZARZĄDZANIE NT) Description: Event-ID 17 Error: (07/04/2024 08:33:18 PM) (Source: IPF) (EventID: 17) (User: ZARZĄDZANIE NT) Description: Event-ID 17 Error: (07/04/2024 08:33:18 PM) (Source: IPF) (EventID: 17) (User: ZARZĄDZANIE NT) Description: Event-ID 17 Dziennik System: ============= Error: (07/04/2024 10:34:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone. Error: (07/04/2024 10:34:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80073d02: 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience. Error: (07/04/2024 08:38:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone. Error: (07/03/2024 09:16:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Microsoft Office Click-to-Run Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/03/2024 05:57:06 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Miniport: Microsoft Wi-Fi Direct Virtual Adapter #2, {9dcecdf9-8aa1-4c19-8b78-3ba7c7d96ebe}, zdarzenie: 74 Error: (07/02/2024 11:52:38 PM) (Source: Netwtw10) (EventID: 5035) (User: ) Description: 5035 - Driver OSC Pending OID watchdog Error: (07/02/2024 11:52:30 PM) (Source: Netwtw10) (EventID: 5002) (User: ) Description: Intel(R) Wi-Fi 6 AX201 160MHz: stwierdzono, że karta sieciowa nie działa właściwie. 5002 - uCode SW error (SysAssert, NMI) Error: (07/02/2024 11:52:30 PM) (Source: Netwtw10) (EventID: 5010) (User: ) Description: Intel(R) Wi-Fi 6 AX201 160MHz: karta sieciowa zwróciła do sterownika nieprawidłową wartość. 5010 - Driver DBG_ASSERT - instead of BSOD Windows Defender: ================ Date: 2024-07-03 21:31:34 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {8AF67D62-7317-420C-AB5F-CFEA7F6202CF} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2024-07-02 23:52:28 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {66239558-07D9-4BB1-A810-D7CA52CD3843} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2024-07-01 21:11:38 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/CoinMiner&threatid=227033&enterprise=0 Nazwa: PUA:Win32/CoinMiner Identyfikator: 227033 Ważność: Niski Kategoria: Potencjalnie niechciane oprogramowanie Ścieżka: file:_C:\Users\emili\AppData\Local\User.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: MSI\emili Nazwa procesu: C:\Users\emili\AppData\Local\Profile.exe Wersja analizy zabezpieczeń: AV: 1.413.633.0, AS: 1.413.633.0, NIS: 1.413.633.0 Wersja aparatu: AM: 1.1.24050.5, NIS: 1.1.24050.5 Date: 2024-07-01 21:11:21 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/CoinMiner&threatid=227033&enterprise=0 Nazwa: PUA:Win32/CoinMiner Identyfikator: 227033 Ważność: Niski Kategoria: Potencjalnie niechciane oprogramowanie Ścieżka: file:_C:\Users\emili\AppData\Local\User.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: MSI\emili Nazwa procesu: C:\Users\emili\OneDrive\Pulpit\localhost\FXServer.exe Wersja analizy zabezpieczeń: AV: 1.413.633.0, AS: 1.413.633.0, NIS: 1.413.633.0 Wersja aparatu: AM: 1.1.24050.5, NIS: 1.1.24050.5 Date: 2024-06-30 22:45:06 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {A8D626E5-5B11-4AE1-9C0C-FE981E71967C} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Event[0] Date: 2024-07-01 21:49:41 Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się. Funkcja: Przy dostępie Kod błędu: 0x80004005 Opis błędu: Nieokreślony błąd. Przyczyna: Sterownik filtru pominął skanowanie elementów i pracuje w trybie przekazywania. Może to być spowodowane niskim stanem zasobów. Date: 2024-05-04 22:37:38 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń. Nowa wersja analizy zabezpieczeń: Poprzednia wersja analizy zabezpieczeń: 1.409.621.0 Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem Typ analizy zabezpieczeń: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.24030.4 Kod błędu: 0x80072ee7 Opis błędu: Nie można określić nazwy serwera lub adresu. Date: 2024-05-04 22:37:38 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń. Nowa wersja analizy zabezpieczeń: Poprzednia wersja analizy zabezpieczeń: 1.409.621.0 Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem Typ analizy zabezpieczeń: Oprogramowanie antyszpiegowskie Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.24030.4 Kod błędu: 0x80072ee7 Opis błędu: Nie można określić nazwy serwera lub adresu. Date: 2024-05-04 22:37:38 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń. Nowa wersja analizy zabezpieczeń: Poprzednia wersja analizy zabezpieczeń: 1.409.621.0 Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem Typ analizy zabezpieczeń: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.24030.4 Kod błędu: 0x80072ee7 Opis błędu: Nie można określić nazwy serwera lub adresu. Date: 2024-05-04 22:37:09 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń. Nowa wersja analizy zabezpieczeń: Poprzednia wersja analizy zabezpieczeń: 1.409.621.0 Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem Typ analizy zabezpieczeń: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.24030.4 Kod błędu: 0x80072ee2 Opis błędu: Limit czasu operacji został przekroczony. CodeIntegrity: =============== Date: 2024-07-04 23:04:13 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements. Date: 2024-07-04 20:46:25 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_f73ac9c2b65df779\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2024-07-03 21:17:32 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\emili\AppData\Local\Programs\Microsoft VS Code\Code.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements. Date: 2024-07-03 18:28:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\emili\AppData\Local\Discord\app-1.0.9152\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.251.2.1\OWClient.dll that did not meet the Microsoft signing level requirements. Date: 2024-07-03 18:28:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\emili\AppData\Local\Discord\app-1.0.9152\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.251.2.1\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends International, LLC. E16R8IMS.10E 08/01/2023 Płyta główna: Micro-Star International Co., Ltd. MS-16R8 Procesor: 12th Gen Intel(R) Core(TM) i5-12450H Procent pamięci w użyciu: 56% Całkowita pamięć fizyczna: 16085.32 MB Dostępna pamięć fizyczna: 7039.55 MB Całkowita pamięć wirtualna: 19541.32 MB Dostępna pamięć wirtualna: 8693.92 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:454.51 GB) (Free:53.32 GB) (Model: SAMSUNG MZVL4512HBLU-00BTW) NTFS \\?\Volume{e50756d1-9321-4b58-b24e-cd1dfe076f35}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.25 GB) NTFS \\?\Volume{d223ca76-5f6d-4895-a71c-29e81bc1a867}\ (BIOS_RVY) (Fixed) (Total:21.13 GB) (Free:0.69 GB) NTFS \\?\Volume{6423c25f-c54b-455b-940a-042a031d476f}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 52E82F3C) Partition: GPT. ==================== Koniec Addition.txt =======================