Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 06-10-2023 Uruchomiony przez rafal (06-10-2023 21:18:37) Uruchomiony z C:\Users\rafal\Downloads Microsoft Windows 10 Pro Wersja 22H2 19045.3516 (X64) (2023-01-13 22:16:01) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-1705589361-728360065-3321163868-500 - Administrator - Disabled) defaultuser0 (S-1-5-21-1705589361-728360065-3321163868-1000 - Limited - Disabled) Gość (S-1-5-21-1705589361-728360065-3321163868-501 - Limited - Disabled) Konto domyślne (S-1-5-21-1705589361-728360065-3321163868-503 - Limited - Disabled) rafal (S-1-5-21-1705589361-728360065-3321163868-1001 - Administrator - Enabled) => C:\Users\rafal rafal_2pz6a8w (S-1-5-21-1705589361-728360065-3321163868-1002 - Administrator - Enabled) => C:\Users\rafal_2pz6a8w WDAGUtilityAccount (S-1-5-21-1705589361-728360065-3321163868-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Age of Wonders 4 MULTi9 - ElAmigos wersja 80167 (HKLM-x32\...\{83549E4C-2A37-47A4-BE5F-B4FF6D6EAF8B}_is1) (Version: 80167 - Paradox Interactive) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) 
Hidden AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.89 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.19.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.9.3 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{2b787d65-59ec-46d5-9e6b-8b4761e7903c}) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.) Hidden Arkusze (HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\a1c113c2b486bbe0f80f29763dc4b926) (Version: 1.0 - Google\Chrome) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Brackets (HKLM-x32\...\{DECDF311-E886-4879-A6BF-39B2C7F07862}) (Version: 2.2.1 - brackets.io) Hidden Brackets (HKLM-x32\...\Brackets 2.2.1) (Version: 2.2.1 - brackets.io) Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden CrystalDiskInfo 8.17.12 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.12 - Crystal Dew World) CrystalDiskMark 8.0.4c (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World) Days Gone MULTi23 - ElAmigos wersja 1.06 (HKLM-x32\...\{2BEC5982-4A11-431C-A9DF-21C7BFC3B3EF}_is1) (Version: 1.06 - PlayStation Mobile) Desperados III Digital Deluxe Edition MULTi10 - ElAmigos wersja 09.12.2020 (HKLM-x32\...\{5D8F778F-BF43-4310-8968-5C1C2B799E12}_is1) (Version: 09.12.2020 - THQ Nordic) Discord (HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\Discord) (Version: 1.0.9008 - Discord Inc.) 
Dokumenty (HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\b5ad17106aeee6be3e7ad4297e19131d) (Version: 1.0 - Google\Chrome) Dying Light 2 Stay Human v1.10.3 - ALIEN (HKLM-x32\...\Dying Light 2 Stay Human_is1) (Version: - Techland) Dysk Google (HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\e3ac86ff3abff8976d754bf818400f40) (Version: 1.0 - Google\Chrome) Epic Games Launcher (HKLM-x32\...\{264464DC-63A7-40C9-92C8-A3EB54AFD72C}) (Version: 1.3.51.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.) FileZilla 3.65.0 (HKLM-x32\...\FileZilla Client) (Version: 3.65.0 - Tim Kosse) Gmail (HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\366eba4b0fb88becf8572c964e347682) (Version: 1.0 - Google\Chrome) God of War (HKLM-x32\...\FLT_GodOfWar) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.150 - Google LLC) Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2802.0 - Rockstar Games) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden LIX Gaming Mouse (HKLM-x32\...\{4602F77F-B385-4755-8F4F-11188B9A7CB1}_is1) (Version: 1.1 - SPC GEAR) Malwarebytes version 4.6.3.282 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.3.282 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1705589361-728360065-3321163868-1002\...\OneDriveSetup.exe) (Version: 23.002.0102.0004 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 
Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 
Redistributable (x86) - 14.34.31938 (HKLM-x32\...\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}) (Version: 14.34.31938.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden MKV Player 2.1.30 (HKLM-x32\...\MKV Player_is1) (Version: - ) MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD) Northgard MULTi7 - ElAmigos wersja 3.1.5.32544 (HKLM-x32\...\{A75E7CE5-C3FE-4B34-AA67-8962AD1C8769}_is1) (Version: 3.1.5.32544 - Shiro Games) Prezentacje (HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\0259bd872cb71b7921d914f020c9ee95) (Version: 1.0 - Google\Chrome) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden Radmin VPN 1.3.3 (HKLM-x32\...\{F5FF0890-E3FC-4732-86A1-D72E74AF7F29}) (Version: 1.3.4568.3 - Famatech) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9336.1 - Realtek Semiconductor Corp.) Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.) 
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.67.1178 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.5 - Rockstar Games) RyzenMasterSDK (HKLM\...\{0A09D63B-8DA8-4BA8-9BD1-BC7C949CBF91}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden Shadow Tactics Blades of the Shogun MULTi10 - ElAmigos wersja 3.2.25 (HKLM-x32\...\{DB5428A7-F312-4F50-AABF-72C3D124982F}_is1) (Version: 3.2.25 - Daedalic Entertainment) Soldat 1.7.1.1 (HKLM-x32\...\Soldat_is1) (Version: 1.7.1.1 - Michal Marcinkowski) SPC Gear GK540 Magna Kailh RGB (HKLM-x32\...\{12F382E1-63D4-4B94-BD32-5F845E74FC79}) (Version: 1.00 - COOLING.PL Zdziech Spolka Jawna) Star Stable Online 2.22.0 (HKLM\...\8c663ade-0de5-52b6-812d-f5cd25f943ac) (Version: 2.22.0 - Star Stable Entertainment AB) Star Wars Jedi Fallen Order MULTi13 - ElAmigos wersja 1.0 (HKLM-x32\...\{CB815A4E-4C61-45E9-AFE5-B81840D81F2D}_is1) (Version: 1.0 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.55 - Microsoft Corporation) The Last of Us Part I MULTi25 - ElAmigos wersja 1.0.1.0 (HKLM-x32\...\{22582C45-F1CA-466B-8479-C58F058E8FD0}_is1) (Version: 1.0.1.0 - PlayStation PC LLC) They Are Billions (HKLM-x32\...\1335738339_is1) (Version: 1.1.4.10 - GOG.com) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) Wargaming.net Game Center (HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\Wargaming.net Game Center) (Version: 23.4.0.3412 - Wargaming.net) Wartales MULTi8 - ElAmigos wersja 1.0.25233 (HKLM-x32\...\{E0BAD752-9951-429D-BAAE-2D88A06699A4}_is1) (Version: 1.0.25233 - Shiro Games) WeMod 
(HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\WeMod) (Version: 8.7.0 - WeMod) WinRAR 6.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) World of Tanks EU (HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\2135834465) (Version: - Wargaming.net) World_of_Warplanes (HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\645401476) (Version: - Wargaming.net) YouTube (HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\db6c072fb56e08971b1fadd0ef4c9700) (Version: 1.0 - Google\Chrome) Packages: ========= Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-04-26] (Microsoft Corporation) Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.20.0_x64__w2gh52qy24etm [2023-07-27] (A-Volute) PDF Reader - View, Edit, Share -> C:\Program Files\WindowsApps\0D9A1B2D.PDFReaderUWP_1.23.0.0_x64__jhretta7p24aw [2023-09-29] (Kdan Mobile Software Ltd.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.35.271.0_x64__dt26b99r8h8gj [2023-01-24] (Realtek Semiconductor Corp) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-26] (Microsoft Studios) [MS Ad] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
CustomCLSID: HKU\S-1-5-21-1705589361-728360065-3321163868-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\rafal\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-08-24] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2023-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-08-24] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Arkusze.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf ShortcutWithArgument: C:\Users\rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb ShortcutWithArgument: C:\Users\rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Dysk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak ShortcutWithArgument: C:\Users\rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm ShortcutWithArgument: C:\Users\rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Prezentacje.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag ShortcutWithArgument: C:\Users\rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml 
==================== Załadowane moduły (filtrowane) ============= 2023-03-14 17:57 - 2023-03-14 17:57 - 000058368 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2023-03-14 17:57 - 2023-03-14 17:57 - 000074240 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2023-03-14 17:57 - 2023-03-14 17:57 - 000368640 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2023-01-14 12:22 - 2023-10-01 11:18 - 000503808 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Windows\SYSTEM32\gameplatformservices.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [3680] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) 
HKU\S-1-5-21-1705589361-728360065-3321163868-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rafal\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\tapeciarnia.pl-tapeta-czarne-lamborghini-centenario-na-plazy-z-gry-forza-horizon-3.jpg HKU\S-1-5-21-1705589361-728360065-3321163868-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\rafal_2pz6a8w\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\tapeciarnia.pl-tapeta-czarne-lamborghini-centenario-na-plazy-z-gry-forza-horizon-3.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) HKU\S-1-5-21-1705589361-728360065-3321163868-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) 
MSCONFIG\Services: EpicOnlineServices => 3 MSCONFIG\Services: Steam Client Service => 3 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run32: => "Launch 0 FwCustom" HKLM\...\StartupApproved\Run32: => "LIX" HKLM\...\StartupApproved\Run32: => "RadminVPN" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "AMDNoiseSuppression" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "Wargaming.net Game Center" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "ProductAuthenticationService" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_BCB5D7C81BEE5269C1C5C0DC7F1227EB" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "Napisy24.pl" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "Napisy24Update" HKU\S-1-5-21-1705589361-728360065-3321163868-1001\...\StartupApproved\Run: => "RiotClient" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
FirewallRules: [TCP Query User{AD039742-4B93-41A6-84AF-3B1073A67D9E}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net) FirewallRules: [UDP Query User{A195EDEC-B4EB-4FCC-8D99-7C9669A940E9}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net) FirewallRules: [{7D92FCAF-EB94-43DD-8EE9-94F24031517F}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E3966EF1-F113-40C9-9FAE-DE60EA08C260}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{A835A9F7-883E-45F4-BACF-111636FF3577}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{3DFD3CC7-B80B-4DED-8BFE-A1D00008B710}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{AD405EA8-4F01-4AB2-B0AF-38587BAF11C3}] => (Allow) F:\SteamLibrary\steamapps\common\Prison Life\Prison Life.exe () [Brak podpisu cyfrowego] FirewallRules: [{5E585B9B-E722-4392-992C-CC22726E8053}] => (Allow) F:\SteamLibrary\steamapps\common\Prison Life\Prison Life.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{EE4F1ECF-D332-4AA5-B377-3F9CF297D53C}D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{DF80E2AD-9545-49BD-B0F5-B2A84947C031}D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) 
FirewallRules: [{E3F9BAEE-83B1-4636-9725-3244AC06C713}] => (Allow) F:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [Brak podpisu cyfrowego] FirewallRules: [{6BD722BB-BFB4-4C90-9CBB-223E0D4CC1BF}] => (Allow) F:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [Brak podpisu cyfrowego] FirewallRules: [{E29493CD-CB04-4323-8A63-6C9369CEE9DD}] => (Allow) F:\SteamLibrary\steamapps\common\Stumble Guys\Stumble Guys.exe () [Brak podpisu cyfrowego] FirewallRules: [{E2EDF4F1-CFE3-47E5-9B2E-14B959A4AF3F}] => (Allow) F:\SteamLibrary\steamapps\common\Stumble Guys\Stumble Guys.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{9C7F1B52-923A-4343-85FA-7C1CCF6BC6EC}D:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [UDP Query User{DBAB9DC1-4AC7-4363-A83D-0C65157C5058}D:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [TCP Query User{DA82139F-487A-4934-A9AA-CE0B2A29ADA5}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{A40D04FF-F9A6-40E1-AC49-8491BFA793A4}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe (Rockstar Games, Inc. 
-> Rockstar Games) FirewallRules: [TCP Query User{E04EFEE5-E544-4D59-9476-DC19EBD32816}G:\torrent\farthest.frontier.v0.7.5f\farthest.frontier.v0.7.5f\farthest frontier.exe] => (Allow) G:\torrent\farthest.frontier.v0.7.5f\farthest.frontier.v0.7.5f\farthest frontier.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{F8D71908-71CA-4BAC-AB86-E5F48AAB632B}G:\torrent\farthest.frontier.v0.7.5f\farthest.frontier.v0.7.5f\farthest frontier.exe] => (Allow) G:\torrent\farthest.frontier.v0.7.5f\farthest.frontier.v0.7.5f\farthest frontier.exe () [Brak podpisu cyfrowego] FirewallRules: [{F7E8E493-3D61-46C0-9845-EF18ACB86D72}] => (Allow) D:\Steam\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [Brak podpisu cyfrowego] FirewallRules: [{56FB9EAF-2237-4A3F-8DD3-140E98839DB5}] => (Allow) D:\Steam\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [Brak podpisu cyfrowego] FirewallRules: [{CE6600CF-73F7-40F9-82A6-6C7901B864B8}] => (Allow) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.) 
FirewallRules: [{FA889110-8CF1-4393-8FC9-BE4A3613FEDA}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [Brak podpisu cyfrowego] FirewallRules: [{6E438DEC-B7C0-4CA2-B1DB-BE8A7CE6F9C6}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{F3EFA150-455B-4503-BAC2-96A8DD0D0491}D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe FirewallRules: [UDP Query User{33CC826D-64E9-470C-AF32-7879022C65FC}D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe FirewallRules: [{85CE74C2-277F-4735-9BDB-A6688F9A320B}] => (Block) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe FirewallRules: [{F0E3C4BE-CD16-4FAF-8E16-16E297CB25A7}] => (Block) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe FirewallRules: [TCP Query User{983C58B1-9503-4C48-905B-EFF3D5D20807}D:\fallguys\fallguys_client_game.exe] => (Allow) D:\fallguys\fallguys_client_game.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{5F43340D-5C97-4185-A45A-557830B7E9FC}D:\fallguys\fallguys_client_game.exe] => (Allow) D:\fallguys\fallguys_client_game.exe () [Brak podpisu cyfrowego] FirewallRules: [{A1A9896D-3258-4A1C-8343-046F4EB5D60C}] => (Allow) D:\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [Brak podpisu cyfrowego] FirewallRules: [{77D9B88F-390B-43A6-BEF7-F8EA5D39531D}] => (Allow) D:\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. 
Interactive) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{4E50B7D3-0422-401B-B2CC-F990E885C4EE}D:\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{C59C1C22-D504-4276-89D0-C85F81E2F528}D:\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [Brak podpisu cyfrowego] FirewallRules: [{EB0B14AF-BEA4-4B3A-BD56-D1433F0AB82A}] => (Block) D:\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [Brak podpisu cyfrowego] FirewallRules: [{A8DE2AEB-3233-42A7-B6B5-310E176BE66D}] => (Block) D:\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [Brak podpisu cyfrowego] FirewallRules: [{089D29FB-C3B8-4CC3-B7D9-F65D8A5D4A61}] => (Allow) D:\Steam\steamapps\common\Sons Of The Forest\SonsOfTheForest.exe () [Brak podpisu cyfrowego] FirewallRules: [{9C10BD10-4986-49A1-A654-514C5D3E6DE7}] => (Allow) D:\Steam\steamapps\common\Sons Of The Forest\SonsOfTheForest.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{7E2BEB6B-253C-48BF-815C-992348140FB3}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{19AC6F11-CC98-4A2C-AE9E-18EF1CC0FB75}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) 
FirewallRules: [{60D18D6B-6237-48AE-AAB4-4B30B0C74F6F}] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{B41AF2F3-AE33-4249-82F9-26F1CDE570F2}] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{775A9A9E-A343-45ED-96E1-806F49AF3890}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> ) FirewallRules: [{2523862C-F4AF-43C8-9245-DAE7B124FF97}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> ) FirewallRules: [TCP Query User{613DBB9F-60F4-442E-8B23-6E25A0F059D0}D:\dying light 2 stay human\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Allow) D:\dying light 2 stay human\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland S.A. -> Techland) FirewallRules: [UDP Query User{0E90C9F8-5346-4AC1-919A-69E3FCE2C3EC}D:\dying light 2 stay human\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Allow) D:\dying light 2 stay human\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland S.A. -> Techland) FirewallRules: [{D4389BE1-E482-4AF0-81B8-1F211C2B0C01}] => (Block) D:\dying light 2 stay human\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland S.A. -> Techland) FirewallRules: [{8742E52C-3698-468B-936B-C6C4F6E17C23}] => (Block) D:\dying light 2 stay human\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland S.A. -> Techland) FirewallRules: [{FFE09DF7-9BFE-40FB-B476-180436712D4B}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [{4750DC11-77F0-4797-ADAB-DAA6E60F4F99}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) 
FirewallRules: [TCP Query User{061F5330-5335-4887-A8FF-8117350E6B18}D:\pobrane pliki\zclient.exe] => (Allow) D:\pobrane pliki\zclient.exe (ZLOFENIX) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{5033912B-EBD3-4395-8D32-AF89749E1B71}D:\pobrane pliki\zclient.exe] => (Allow) D:\pobrane pliki\zclient.exe (ZLOFENIX) [Brak podpisu cyfrowego] FirewallRules: [{CAB6D25B-729E-434A-8B29-9261119CC35C}] => (Block) D:\pobrane pliki\zclient.exe (ZLOFENIX) [Brak podpisu cyfrowego] FirewallRules: [{FB6AC555-1B8F-43E0-8E61-D9CDFF3B5E55}] => (Block) D:\pobrane pliki\zclient.exe (ZLOFENIX) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{FB1F34C7-C4F1-4EBD-AFC0-257294BC6BF1}D:\soldat\soldat.exe] => (Allow) D:\soldat\soldat.exe (Michal Marcinkowski) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{6FB822D8-8FCB-46DE-92E1-859365F4602E}D:\soldat\soldat.exe] => (Allow) D:\soldat\soldat.exe (Michal Marcinkowski) [Brak podpisu cyfrowego] FirewallRules: [{AE9249BB-5AB0-41A2-8F66-E9AD75B29BC8}] => (Block) D:\soldat\soldat.exe (Michal Marcinkowski) [Brak podpisu cyfrowego] FirewallRules: [{36A480F2-B93A-4A6C-935E-41A3C7BE7593}] => (Block) D:\soldat\soldat.exe (Michal Marcinkowski) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{A8F639DF-D916-4F9F-B812-62E2FBF5304D}D:\pobrane pliki\songs of conquest\songsofconquest.exe] => (Allow) D:\pobrane pliki\songs of conquest\songsofconquest.exe => Brak pliku FirewallRules: [UDP Query User{7679F44A-3BBB-41F0-816A-E3E5814EA69D}D:\pobrane pliki\songs of conquest\songsofconquest.exe] => (Allow) D:\pobrane pliki\songs of conquest\songsofconquest.exe => Brak pliku FirewallRules: [{58E898A5-B9E9-4319-BDCE-98CBD66CC0CB}] => (Block) D:\pobrane pliki\songs of conquest\songsofconquest.exe => Brak pliku FirewallRules: [{9FAFF727-1561-4B30-8BB3-96F724E7A750}] => (Block) D:\pobrane pliki\songs of conquest\songsofconquest.exe => Brak pliku FirewallRules: [{C605CBA7-8BFF-460A-B20C-46221A23177C}] => (Allow) D:\Steam\steamapps\common\Planet 
Zoo\PlanetZoo.exe (Frontier Developments) [Brak podpisu cyfrowego] FirewallRules: [{A4A43870-F7A0-4E0B-9389-EE8AF1E9E38F}] => (Allow) D:\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{A0D078AC-920E-49F6-A7DA-B1D3A17C3477}D:\brackets\node.exe] => (Allow) D:\brackets\node.exe (Adobe Inc. -> Node.js) FirewallRules: [UDP Query User{00F9582B-7F19-4CD3-AE42-6278E2939D87}D:\brackets\node.exe] => (Allow) D:\brackets\node.exe (Adobe Inc. -> Node.js) FirewallRules: [{E0ECF251-AE45-41D5-9E36-D8AC97E739EE}] => (Block) D:\brackets\node.exe (Adobe Inc. -> Node.js) FirewallRules: [{E2E3CF58-C143-44AB-B64B-20B3F510A06B}] => (Block) D:\brackets\node.exe (Adobe Inc. -> Node.js) FirewallRules: [TCP Query User{FEF5D743-942F-4CE3-AD39-71472FFEAD70}D:\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [UDP Query User{ACFE5275-E568-4CF4-A695-5E5AA2E5EED1}D:\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{0C2CC583-C03F-4563-B053-CAFFC8FCA4A3}] => (Block) D:\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{48658A78-51FA-4106-B16E-C5556BB2E685}] => (Block) D:\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. 
-> Electronic Arts) FirewallRules: [{D49CAEBF-5660-438E-B32F-DD86F19905D9}] => (Allow) D:\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe () [Brak podpisu cyfrowego] FirewallRules: [{D7E8A2AB-AC3E-4575-B0BA-B85F8AB66E60}] => (Allow) D:\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{81E3E0DD-6C1B-4AB1-9141-231915C82F79}C:\users\rafal\downloads\pummel party v1.13\pummel party\pummelparty.exe] => (Allow) C:\users\rafal\downloads\pummel party v1.13\pummel party\pummelparty.exe => Brak pliku FirewallRules: [UDP Query User{9036A025-ECCD-4FC7-9E30-B00FD63C3D0C}C:\users\rafal\downloads\pummel party v1.13\pummel party\pummelparty.exe] => (Allow) C:\users\rafal\downloads\pummel party v1.13\pummel party\pummelparty.exe => Brak pliku FirewallRules: [{2BA29E76-8879-4CEC-9678-CD74823D54D5}] => (Block) C:\users\rafal\downloads\pummel party v1.13\pummel party\pummelparty.exe => Brak pliku FirewallRules: [{89C00915-C22B-4C6E-949E-36407EED0B75}] => (Block) C:\users\rafal\downloads\pummel party v1.13\pummel party\pummelparty.exe => Brak pliku FirewallRules: [TCP Query User{6BB76C4F-EB20-485C-969D-B915AB097C80}C:\users\rafal\downloads\running with rifles\rwr_config.exe] => (Allow) C:\users\rafal\downloads\running with rifles\rwr_config.exe => Brak pliku FirewallRules: [UDP Query User{1B4F8B39-233C-46FA-9CC9-75CD0D7058BE}C:\users\rafal\downloads\running with rifles\rwr_config.exe] => (Allow) C:\users\rafal\downloads\running with rifles\rwr_config.exe => Brak pliku FirewallRules: [{C9D051DD-344C-4A9C-8B6D-8631A9F5DD38}] => (Block) C:\users\rafal\downloads\running with rifles\rwr_config.exe => Brak pliku FirewallRules: [{1F404FE8-A2C0-475D-9FBC-52A874770A4F}] => (Block) C:\users\rafal\downloads\running with rifles\rwr_config.exe => Brak pliku FirewallRules: [TCP Query User{09FE2A6C-AFFC-457C-AD55-533A750EF23A}C:\users\rafal\downloads\running with rifles\rwr_game.exe] => (Allow) C:\users\rafal\downloads\running 
with rifles\rwr_game.exe => Brak pliku FirewallRules: [UDP Query User{1B6072EB-B77C-466D-86DA-8CA1C0682827}C:\users\rafal\downloads\running with rifles\rwr_game.exe] => (Allow) C:\users\rafal\downloads\running with rifles\rwr_game.exe => Brak pliku FirewallRules: [{22D52B8D-2D3D-4CD1-9864-8BA63492E688}] => (Block) C:\users\rafal\downloads\running with rifles\rwr_game.exe => Brak pliku FirewallRules: [{FBD8284F-B323-457B-87CB-08E599F8A545}] => (Block) C:\users\rafal\downloads\running with rifles\rwr_game.exe => Brak pliku FirewallRules: [TCP Query User{C1A69D10-2C10-420E-A777-D4C0D2AF0028}C:\users\rafal\downloads\running with rifles\rwr_server.exe] => (Allow) C:\users\rafal\downloads\running with rifles\rwr_server.exe => Brak pliku FirewallRules: [UDP Query User{527076F1-5A13-404F-BFA5-1F722FB8BE19}C:\users\rafal\downloads\running with rifles\rwr_server.exe] => (Allow) C:\users\rafal\downloads\running with rifles\rwr_server.exe => Brak pliku FirewallRules: [{18CEFFD8-29D7-4795-BFF1-7162FC34E4F2}] => (Block) C:\users\rafal\downloads\running with rifles\rwr_server.exe => Brak pliku FirewallRules: [{61D6E796-3CA3-49FB-9BBB-C6A15FD10259}] => (Block) C:\users\rafal\downloads\running with rifles\rwr_server.exe => Brak pliku FirewallRules: [TCP Query User{2B22BAB1-C091-47B8-A227-595EB5CF8915}D:\worms\worms clan wars\wormsclanwars.exe] => (Allow) D:\worms\worms clan wars\wormsclanwars.exe => Brak pliku FirewallRules: [UDP Query User{5BD31F4D-33CE-4773-AE5F-7E8D2547D488}D:\worms\worms clan wars\wormsclanwars.exe] => (Allow) D:\worms\worms clan wars\wormsclanwars.exe => Brak pliku FirewallRules: [{DAFFA29A-2969-4EB4-991B-EC7E14D546A9}] => (Block) D:\worms\worms clan wars\wormsclanwars.exe => Brak pliku FirewallRules: [{DA822734-C91E-47D2-9525-335CDC86C42E}] => (Block) D:\worms\worms clan wars\wormsclanwars.exe => Brak pliku FirewallRules: [TCP Query User{4ABC33BB-7F6B-4CD4-ABD2-44BE7F045514}D:\gry\smalland survive the wilds\smalland\binaries\win64\smalland-win64-shipping.exe] 
=> (Allow) D:\gry\smalland survive the wilds\smalland\binaries\win64\smalland-win64-shipping.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{ACE3448D-4382-4CEF-87ED-6671F407E64E}D:\gry\smalland survive the wilds\smalland\binaries\win64\smalland-win64-shipping.exe] => (Allow) D:\gry\smalland survive the wilds\smalland\binaries\win64\smalland-win64-shipping.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{78AF7BC7-8674-43D7-9A98-080D3C85AADB}] => (Block) D:\gry\smalland survive the wilds\smalland\binaries\win64\smalland-win64-shipping.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{3EA34DB2-3A28-456C-996E-82D838C78D20}] => (Block) D:\gry\smalland survive the wilds\smalland\binaries\win64\smalland-win64-shipping.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{88A9EFE5-05EA-4999-88DE-B51366AE3B2A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{57732713-4E5F-4956-95D2-00BBCBB48C60}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{55421B35-DD6F-460F-858F-830757947969}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{663EAB96-C243-4B51-9D5E-11EC1FBB399F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EC3420C4-13DF-4A4B-848E-506CB6ACA318}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{B5374BC1-0321-4D99-8432-EFE1B78A87C2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.55\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= 01-10-2023 15:15:05 Zaplanowany punkt kontrolny 04-10-2023 20:24:25 Revo Uninstaller's restore point - Google Chrome ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (10/06/2023 08:38:40 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu WORKGROUP\DESKTOP-VPV7EFQ$ za pośrednictwem elementu https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 06 Oct 2023 18:38:38 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: d2716967-db13-4f4a-96d0-d487abe31f04 Metoda: GET(469ms) Etap: GetCACaps Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (10/06/2023 08:29:45 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. 
] Error: (10/06/2023 08:29:37 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu WORKGROUP\DESKTOP-VPV7EFQ$ za pośrednictwem elementu https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 06 Oct 2023 18:29:35 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: d220b320-1e4e-469c-a338-603d32bf1251 Metoda: GET(438ms) Etap: GetCACaps Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (10/06/2023 08:22:45 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu WORKGROUP\DESKTOP-VPV7EFQ$ za pośrednictwem elementu https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 06 Oct 2023 18:22:43 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 44ca5e18-f314-4506-87b6-60fb65e94132 Metoda: GET(438ms) Etap: GetCACaps Nieznaleziony (404). 
0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (10/06/2023 07:46:43 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu WORKGROUP\DESKTOP-VPV7EFQ$ za pośrednictwem elementu https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 06 Oct 2023 17:46:40 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: f2a053da-285b-4afb-935b-a9e0ce300dde Metoda: GET(407ms) Etap: GetCACaps Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (10/06/2023 06:46:57 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu WORKGROUP\DESKTOP-VPV7EFQ$ za pośrednictwem elementu https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 06 Oct 2023 16:46:55 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 09209341-f177-497f-a2a4-e93ae5772c15 Metoda: GET(406ms) Etap: GetCACaps Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (10/05/2023 09:14:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SearchApp.exe w wersji 10.0.19041.3516 przestał współpracować z systemem Windows i został zamknięty. 
Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemów w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 1f64 Godzina rozpoczęcia: 01d9f7ba106f458f Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Identyfikator raportu: e7357512-f709-4305-8459-11b5a89f37e9 Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy Identyfikator aplikacji powiązanej z pakietem powodującym błąd: CortanaUI Typ zawieszenia: Quiesce Error: (10/05/2023 08:30:52 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu WORKGROUP\DESKTOP-VPV7EFQ$ za pośrednictwem elementu https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Thu, 05 Oct 2023 18:30:50 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 30b155d9-e6c7-4e5e-b244-1edc78653aa3 Metoda: GET(437ms) Etap: GetCACaps Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Dziennik System: ============= Error: (10/06/2023 08:38:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AMDRyzenMasterDriverV22 z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/06/2023 08:38:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AMDRyzenMasterDriverV22 z powodu następującego błędu: Nie można odnaleźć określonego pliku. 
Error: (10/06/2023 08:38:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AMDRyzenMasterDriverV22 z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/06/2023 08:37:23 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VPV7EFQ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi SecurityHealthService z argumentami Niedostępny w celu uruchomienia serwera: {F99A566C-42AE-4DE2-AD4D-D297A04C5433} Error: (10/06/2023 08:37:21 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VPV7EFQ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi UsoSvc z argumentami Niedostępny w celu uruchomienia serwera: {B91D5831-B1BD-4608-8198-D72E155020F7} Error: (10/06/2023 08:37:21 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VPV7EFQ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi netprofm z argumentami Niedostępny w celu uruchomienia serwera: {A47979D2-C419-11D9-A5B4-001185AD2B89} Error: (10/06/2023 08:37:20 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VPV7EFQ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi UsoSvc z argumentami Niedostępny w celu uruchomienia serwera: {B91D5831-B1BD-4608-8198-D72E155020F7} Error: (10/06/2023 08:37:20 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VPV7EFQ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi netprofm z argumentami Niedostępny w celu uruchomienia serwera: {A47979D2-C419-11D9-A5B4-001185AD2B89} Windows Defender: ================ Date: 2023-10-01 20:13:51 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. 
Identyfikator skanowania: {3B0D8946-8470-4C60-BCF8-535621B359D4} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2023-09-27 19:16:30 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {5BC1E885-C7BA-4C6F-B8ED-A8F30AA7114B} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2023-09-24 11:15:53 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Packunwan&threatid=298189&enterprise=0 Nazwa: PUA:Win32/Packunwan Identyfikator: 298189 Ważność: Niski Kategoria: Potencjalnie niechciane oprogramowanie Ścieżka: containerfile:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic.rar; file:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic.rar->WCW_Fix_Repair_Steam_Generic\OnlineFix.dll; file:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic\OnlineFix.dll; file:_D:\worms\Worms Clan Wars\OnlineFix.dll; webfile:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic.rar|https://fs8.bowfile.com/token/download/dl/hZ5j/WCW_Fix_Repair_Steam_Generic.rar?download_token=81d6b868c7feb1e01d395d15e51371639ecfa87769456fd96a021838739deb8e|pid:10016,ProcessStart:133399588049267160 Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: Pobrania i załączniki Użytkownik: Nazwa procesu: D:\worms\Worms Clan Wars\WormsClanWars.exe Wersja analizy zabezpieczeń: AV: 1.397.1485.0, AS: 1.397.1485.0, NIS: 1.397.1485.0 Wersja aparatu: AM: 1.1.23080.2005, NIS: 1.1.23080.2005 Date: 2023-09-24 11:07:41 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne 
potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Packunwan&threatid=298189&enterprise=0 Nazwa: PUA:Win32/Packunwan Identyfikator: 298189 Ważność: Niski Kategoria: Potencjalnie niechciane oprogramowanie Ścieżka: containerfile:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic.rar; file:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic.rar->WCW_Fix_Repair_Steam_Generic\OnlineFix.dll; file:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic\OnlineFix.dll; file:_D:\worms\Worms Clan Wars\OnlineFix.dll; webfile:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic.rar|https://fs8.bowfile.com/token/download/dl/hZ5j/WCW_Fix_Repair_Steam_Generic.rar?download_token=81d6b868c7feb1e01d395d15e51371639ecfa87769456fd96a021838739deb8e|pid:10016,ProcessStart:133399588049267160 Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: Pobrania i załączniki Użytkownik: Nazwa procesu: C:\Windows\explorer.exe Wersja analizy zabezpieczeń: AV: 1.397.1485.0, AS: 1.397.1485.0, NIS: 1.397.1485.0 Wersja aparatu: AM: 1.1.23080.2005, NIS: 1.1.23080.2005 Date: 2023-09-24 11:07:40 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. 
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Packunwan&threatid=298189&enterprise=0 Nazwa: PUA:Win32/Packunwan Identyfikator: 298189 Ważność: Niski Kategoria: Potencjalnie niechciane oprogramowanie Ścieżka: containerfile:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic.rar; file:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic.rar->WCW_Fix_Repair_Steam_Generic\OnlineFix.dll; file:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic\OnlineFix.dll; file:_D:\worms\Worms Clan Wars\OnlineFix.dll; webfile:_C:\Users\rafal\Downloads\WCW_Fix_Repair_Steam_Generic.rar|https://fs8.bowfile.com/token/download/dl/hZ5j/WCW_Fix_Repair_Steam_Generic.rar?download_token=81d6b868c7feb1e01d395d15e51371639ecfa87769456fd96a021838739deb8e|pid:10016,ProcessStart:133399588049267160 Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: Pobrania i załączniki Użytkownik: Nazwa procesu: D:\worms\Worms Clan Wars\WormsClanWars.exe Wersja analizy zabezpieczeń: AV: 1.397.1485.0, AS: 1.397.1485.0, NIS: 1.397.1485.0 Wersja aparatu: AM: 1.1.23080.2005, NIS: 1.1.23080.2005 Event[0]: Date: 2023-10-06 20:32:20 Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się. Funkcja: Przy dostępie Kod błędu: 0x8007043c Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym Przyczyna: Analiza zabezpieczeń dla oprogramowania chroniącego przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę. CodeIntegrity: =============== Date: 2023-10-06 20:52:38 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. 
Date: 2023-09-30 13:27:18
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Statystyki pamięci ===========================

BIOS: American Megatrends International, LLC. H.G0 07/26/2022
Płyta główna: Micro-Star International Co., Ltd B450 GAMING PLUS MAX (MS-7B86)
Procesor: AMD Ryzen 5 3600 6-Core Processor
Procent pamięci w użyciu: 17%
Całkowita pamięć fizyczna: 32693.58 MB
Dostępna pamięć fizyczna: 26989.36 MB
Całkowita pamięć wirtualna: 34741.58 MB
Dostępna pamięć wirtualna: 24782.27 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:100.92 GB) (Free:29.65 GB) (Model: WD Blue SN570 2TB) NTFS
Drive d: () (Fixed) (Total:1761.45 GB) (Free:502.47 GB) (Model: WD Blue SN570 2TB) NTFS
Drive e: () (Fixed) (Total:111.17 GB) (Free:18.33 GB) (Model: GOODRAM) NTFS
Drive f: () (Fixed) (Total:931.39 GB) (Free:397.37 GB) (Model: ST1000DM003-1SB102) NTFS
Drive g: () (Fixed) (Total:931.5 GB) (Free:176.6 GB) (Model: ST1000LM035-1RK172) NTFS
Drive h: (Nowy) (Fixed) (Total:465.75 GB) (Free:33.51 GB) (Model: SAMSUNG HD502IJ) NTFS

\\?\Volume{d3fc7441-9295-46f6-ac86-5430d7634cf3}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{977cc37d-e6b1-4beb-85aa-006268ff9f70}\ () (Fixed) (Total:0.53 GB) (Free:0.06 GB) NTFS
\\?\Volume{29f9a453-b1cb-42ea-a992-fd79534440cd}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{8a13293d-788d-40af-8cac-9ed0c8de9529}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 00000001)
Partition: GPT.

==========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: D9FA2484)
Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Koniec Addition.txt =======================