CreateRestorePoint: CloseProcesses: EmptyTemp: File: C:\Users\Jest świetnie\AppData\Roaming\.dllbackups\dllruntime.exe HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-711159465-1110817218-2328447737-1001\...\Run: [electron.app.dllservices] => C:\Users\Jest świetnie\AppData\Roaming\.dllbackups\dllruntime.exe [63924368 2021-10-18] (Microsoft Corporation) [Brak podpisu cyfrowego] Tcpip\..\Interfaces\{676978f0-841f-4aa4-a474-787fa5e0b9bf}: [DhcpNameServer] 192.168.1.254 2021-12-11 16:26 - 2021-10-18 17:03 - 000000000 ____D C:\Users\Jest świetnie\AppData\Roaming\dll-propagation 2021-12-11 16:26 - 2021-10-18 17:01 - 000000000 ____D C:\Users\Jest świetnie\AppData\Roaming\dllservices AlternateDataStreams: C:\Users\Jest świetnie\Dane aplikacji:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Jest świetnie\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [436] HKU\S-1-5-21-711159465-1110817218-2328447737-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190 FirewallRules: [UDP Query User{12C8BFF8-BA84-418C-9768-74E183850D72}F:\program files (x86)\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe => Brak pliku FirewallRules: [TCP Query User{AA593D31-4C24-4EEF-81E7-5E24FC525574}F:\program files (x86)\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe => Brak pliku FirewallRules: [UDP Query User{D2E1A840-7934-4CEA-AE32-5794FCC8E4FF}F:\program files (x86)\infestationnewz\newzlauncher.exe.new.exe] => (Allow) F:\program files (x86)\infestationnewz\newzlauncher.exe.new.exe => Brak pliku FirewallRules: [TCP Query User{0EE05004-3A7D-4273-8B7F-FA6E07E8FAC7}F:\program files (x86)\infestationnewz\newzlauncher.exe.new.exe] => (Allow) F:\program files (x86)\infestationnewz\newzlauncher.exe.new.exe => Brak pliku FirewallRules: [{84E72516-1CF6-476C-B600-5B9D962C3414}] => (Allow) F:\Program Files (x86)\InfestationNewZ\Infestation_TheNewZ.exe => Brak pliku FirewallRules: [{82B681F2-4E5C-402C-BEA8-A2F03FEDFFD6}] => (Allow) F:\Program Files (x86)\InfestationNewZ\Infestation_BattleRoyale.exe => Brak pliku FirewallRules: [{6C8B00CD-D7BD-4C93-A8D9-96661D54A305}] => (Allow) F:\Program Files (x86)\InfestationNewZ\FacLauncher.exe => Brak pliku FirewallRules: [UDP Query User{18D5B7B2-D0B7-400E-8705-0F539A4DD767}F:\program files (x86)\infestationnewz\newzlauncher.exe] => (Allow) F:\program files (x86)\infestationnewz\newzlauncher.exe => Brak pliku FirewallRules: [TCP Query User{2D4DB0A2-3CF5-42D7-B243-1F793D8F4B05}F:\program files (x86)\infestationnewz\newzlauncher.exe] => (Allow) F:\program files (x86)\infestationnewz\newzlauncher.exe => Brak pliku FirewallRules: [{EC0642F9-0EA2-4F0D-81EA-65A635AD94B0}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku FirewallRules: [{BBAB3105-1C0F-470F-A7F1-5CCEB72E3801}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku FirewallRules: [{F5145AD0-9685-4B96-8F52-20A3FA374F79}] => (Allow) LPort=5354 FirewallRules: [{B8CADBB7-C73E-4233-A013-FB7BE0BE1CD6}] => (Allow) LPort=5354 FirewallRules: [{B9FCD4D8-72E1-4CF1-B805-BAC08A743764}] => (Allow) LPort=5354 FirewallRules: [{4B3B0A18-DD71-44CC-A7EE-372EAD5C4B0F}] => (Allow) LPort=5354 FirewallRules: [UDP Query User{08973AFD-F68C-44E6-9326-B168BAF6B13E}C:\users\jest świetnie\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\jest świetnie\appdata\local\programs\opera\65.0.3467.78\opera.exe => Brak pliku FirewallRules: [TCP Query User{31543181-8F91-492C-8581-057CAC9A1736}C:\users\jest świetnie\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\jest świetnie\appdata\local\programs\opera\65.0.3467.78\opera.exe => Brak pliku FirewallRules: [TCP Query User{93AF2034-E124-4B87-9526-4F02DFCC88CD}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Brak pliku FirewallRules: [UDP Query User{E5E89B26-831D-42F5-82D5-D3A4B465D06F}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Brak pliku FirewallRules: [{5A869DD0-87AF-4E4F-BCC0-9A003FC723CB}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.5.0\rekordboxAgent-win32-x64\rekordboxAgent.exe => Brak pliku FirewallRules: [{98EF3D80-7C4B-4959-B56C-B5FC713CBC60}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.5.0\rekordboxAgent-win32-x64\rekordboxAgent.exe => Brak pliku FirewallRules: [{0F4DDA62-C502-417D-8540-ABC34C9F0A43}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.5.0\rekordboxAgent-win32-x64\rekordboxAgent.exe => Brak pliku FirewallRules: [{92D4FCD1-D9C1-4526-B25D-EEA30F2275E6}] => (Allow) F:\Program Files\Pioneer\rekordbox 6.5.0\rekordboxAgent-win32-x64\rekordboxAgent.exe => Brak pliku FirewallRules: [{90E3D4BF-9256-4436-A472-7D31582EB16B}] => (Allow) F:\Program Files\Lightworks\ntcardvt.exe => Brak pliku FirewallRules: [{FB4B285B-9204-4616-A901-DB47FDAE6154}] => (Allow) F:\Program Files\Lightworks\ntcardvt.exe => Brak pliku FirewallRules: [{2B6AEDDD-0CCD-48EA-B30B-FF0B643379D4}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => Brak pliku FirewallRules: [{58F602E2-BD66-48B6-A401-457203D2CAEB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => Brak pliku FirewallRules: [TCP Query User{32BF863A-CB7F-426C-8CB8-F89E9F4AFA0F}C:\users\jest świetnie\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\jest świetnie\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => Brak pliku FirewallRules: [UDP Query User{3C838913-BA04-4DC6-822B-449FAE03D024}C:\users\jest świetnie\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\jest świetnie\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => Brak pliku FirewallRules: [TCP Query User{1DA2D151-05E0-4BB8-B2A5-35BE29BF74A4}C:\users\jest świetnie\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\jest świetnie\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => Brak pliku FirewallRules: [UDP Query User{E7BA3F27-5E48-4C64-AF8F-A650256AE179}C:\users\jest świetnie\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\jest świetnie\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => Brak pliku FirewallRules: [TCP Query User{E6FD8A43-CA1E-4930-8168-7AD752785A52}C:\users\jest świetnie\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe] => (Block) C:\users\jest świetnie\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe (Microsoft Corporation) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{EC18EA9C-7F13-4FF5-A22A-A0E02C56FFD3}C:\users\jest świetnie\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe] => (Block) C:\users\jest świetnie\appdata\local\temp\1xq0mkkmtm0ytel1jnxj2x0arfp\dll-propagation.exe (Microsoft Corporation) [Brak podpisu cyfrowego] RemoveProxy: Hosts: FilesInDirectory: C:\users\jest świetnie\AppData\Local\*.exe;*.dll;*.ini FilesInDirectory: C:\users\jest świetnie\AppData\Roaming\*.exe;*.dll;*.ini CMD: dir /a "C:\users\jest świetnie\AppData\Roaming" CMD: dir /a "C:\users\jest świetnie\AppData\Local"