CreateRestorePoint: CloseProcesses: EmptyTemp: HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3746824727-3175080848-809881633-1001\...\Run: [ABBYY Screenshot Reader Retail] => [X] HKU\S-1-5-21-3746824727-3175080848-809881633-1001\...\Run: [] => [X] HKU\S-1-5-21-3746824727-3175080848-809881633-1001\...\Run: [InstMP_Service] => C:\Users\tobayashi\AppData\Local\InstallShield\InstMP.exe GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA Task: {6CF7EDE7-1A75-48EA-A143-95A936C9D74D} - System32\Tasks\{28B709C3-6403-4898-8E94-5A84DC3DCC75} => C:\Windows\system32\pcalua.exe -a C:\Users\tobayashi\Downloads\mednafen-1.24.3-win64\mednaffe.exe -d C:\Users\tobayashi\Downloads\mednafen-1.24.3-win64 Task: {B2C33636-E856-41FB-82AE-A6B221CFF85C} - System32\Tasks\{3DAEF29C-C3C0-468B-A0B1-E8094198AE8E} => C:\Windows\system32\pcalua.exe -a "C:\Users\tobayashi\Downloads\Worms 2 (1997) [Wersja PL]\w2.exe" -d "C:\Users\tobayashi\Downloads\Worms 2 (1997) [Wersja PL]" Tcpip\..\Interfaces\{BEB6B873-40D9-423D-B61B-8D9E9153AD6A}: [DhcpNameServer] 192.168.1.1 FF NewTab: Mozilla\Firefox\Profiles\46bxx60q.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=IC150206&iDate=2020-06-03 02:02:34&bName=&bitmask=0450 FF NewTab: Mozilla\Firefox\Profiles\wl0no301.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=IC150206&iDate=2020-06-03 02:02:34&bName=&bitmask=0450 FF Notifications: Mozilla\Firefox\Profiles\wl0no301.default-release -> hxxps://www.faceit.com R3 esihdrv; \??\C:\Users\TOBAYA~1\AppData\Local\Temp\esihdrv.sys [X] <==== UWAGA S3 GENERICDRV; \??\C:\Users\tobayashi\Desktop\Nowy folder (2)\50608-system\afuwin64\amifldrv64.sys [X] CustomCLSID: HKU\S-1-5-21-3746824727-3175080848-809881633-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\tobayashi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20240.5\x64\Microsoft.Teams.AddinLoader.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-3746824727-3175080848-809881633-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\tobayashi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20240.5\x64\Microsoft.Teams.AddinLoader.dll => Brak pliku AlternateDataStreams: C:\Windows\tracing:? [16] AlternateDataStreams: C:\Users\tobayashi\AppData\Local\Temp:$DATA​ [16] HKU\S-1-5-21-3746824727-3175080848-809881633-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp SearchScopes: HKU\S-1-5-21-3746824727-3175080848-809881633-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FirewallRules: [TCP Query User{F9A80044-1C79-4CBA-B414-D5E0DF4B8249}C:\users\tobayashi\downloads\minetest-5.2.0-win64\bin\minetest.exe] => (Allow) C:\users\tobayashi\downloads\minetest-5.2.0-win64\bin\minetest.exe => Brak pliku FirewallRules: [UDP Query User{F47F7BB3-222E-42A9-A350-B58DD02D0DB2}C:\users\tobayashi\downloads\minetest-5.2.0-win64\bin\minetest.exe] => (Allow) C:\users\tobayashi\downloads\minetest-5.2.0-win64\bin\minetest.exe => Brak pliku FirewallRules: [TCP Query User{765DB795-FB2E-44CA-A05A-26CB98A7CB9E}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => Brak pliku FirewallRules: [UDP Query User{27840153-6ECB-4192-8A14-B9DC58091985}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => Brak pliku FirewallRules: [TCP Query User{C2F5E5CB-5E7E-401C-B4E5-0D24F5DFF9B8}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => Brak pliku FirewallRules: [UDP Query User{464B798F-A1CA-4D41-8CA3-B560DF1E8558}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => Brak pliku FirewallRules: [TCP Query User{8A1A7FC8-9068-4E4F-84C5-FA8FCDB0A143}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => Brak pliku FirewallRules: [UDP Query User{68764E61-5E9A-4B93-8A35-C4200205ADD8}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => Brak pliku FirewallRules: [TCP Query User{A0FF1CF0-18F1-4107-9640-3B80348D99D4}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => Brak pliku FirewallRules: [UDP Query User{3752141D-5D4C-4DBD-B03A-35788163D347}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => Brak pliku FirewallRules: [{E8DA9D5E-134F-4EFC-B30D-D6E6E4089817}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => Brak pliku FirewallRules: [{5ADB36D0-D83C-481F-8F22-FF95DBC3BB83}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => Brak pliku FirewallRules: [{074E9D41-E360-42B3-A665-8E5DBD13FF23}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => Brak pliku FirewallRules: [{5F014536-89DB-4E53-B2AF-64F99D638309}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => Brak pliku FirewallRules: [{F285AFB4-7C73-4C1B-AAEC-6B47358B981E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => Brak pliku FirewallRules: [{AD068998-D14D-4C52-BC05-091E2DA8315A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => Brak pliku FirewallRules: [{32C9C861-3EF4-421C-8EF2-E23E29E12582}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Brak pliku FirewallRules: [{79FFABD4-8B78-44B1-BB1D-1A203CC6D490}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => Brak pliku FirewallRules: [{9003CEBB-5AA0-40B2-BDFE-81DB8816F0A4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe => Brak pliku FirewallRules: [{91FE570C-6AA8-4A4C-A542-9562F3DA2550}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => Brak pliku FirewallRules: [TCP Query User{7F10FC94-2DA7-4199-8726-D3F11E071602}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => Brak pliku FirewallRules: [UDP Query User{0E810D79-74BF-4EAE-BEF7-C3FAADD0C8DE}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => Brak pliku FirewallRules: [TCP Query User{37AE2D52-5F0F-4EF7-9DCF-79115C9BE140}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => Brak pliku FirewallRules: [UDP Query User{AD775221-C9A4-40F7-BCE3-180D67764768}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => Brak pliku FirewallRules: [TCP Query User{AAB939A6-2057-4E35-8A1D-D6EF8D694DEF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => Brak pliku FirewallRules: [UDP Query User{72D81448-1DB7-4804-B711-D1ED13B9B6F1}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => Brak pliku FirewallRules: [TCP Query User{E3A8A23C-FC55-4D2C-AA35-3A6436AF43BC}C:\gog games\quake iii\quake3.exe] => (Allow) C:\gog games\quake iii\quake3.exe => Brak pliku FirewallRules: [UDP Query User{DFDEFFD5-741F-4C1A-8D50-691885D25538}C:\gog games\quake iii\quake3.exe] => (Allow) C:\gog games\quake iii\quake3.exe => Brak pliku FirewallRules: [TCP Query User{E58B4B7E-EC98-4900-A08B-0B0644CC225E}C:\program files (x86)\ubisoft\ubisoft game launcher\games\hyper scape\hyperscape.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\hyper scape\hyperscape.exe => Brak pliku FirewallRules: [UDP Query User{0296E929-6E6D-462A-8F97-C1CEA89EDCDF}C:\program files (x86)\ubisoft\ubisoft game launcher\games\hyper scape\hyperscape.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\hyper scape\hyperscape.exe => Brak pliku FirewallRules: [TCP Query User{95948112-EE8B-4AF3-B2C9-0394A617B8F3}C:\users\tobayashi\desktop\rpcs3-v0.0.11-10800-43172918_win64\rpcs3.exe] => (Allow) C:\users\tobayashi\desktop\rpcs3-v0.0.11-10800-43172918_win64\rpcs3.exe => Brak pliku FirewallRules: [UDP Query User{090E9C91-0026-47C8-BEB1-D85F8E9D96B1}C:\users\tobayashi\desktop\rpcs3-v0.0.11-10800-43172918_win64\rpcs3.exe] => (Allow) C:\users\tobayashi\desktop\rpcs3-v0.0.11-10800-43172918_win64\rpcs3.exe => Brak pliku FirewallRules: [TCP Query User{6CB2E0DB-F0C3-4388-A24E-DD792ACE2F41}C:\users\tobayashi\desktop\xenia_master\xenia.exe] => (Allow) C:\users\tobayashi\desktop\xenia_master\xenia.exe => Brak pliku FirewallRules: [UDP Query User{857C4219-73DE-4735-8EDE-99CF0B8EE2AE}C:\users\tobayashi\desktop\xenia_master\xenia.exe] => (Allow) C:\users\tobayashi\desktop\xenia_master\xenia.exe => Brak pliku FirewallRules: [TCP Query User{B1C73882-675D-47A0-BCD2-F45745C228ED}C:\program files (x86)\r.g. mechanics\unreal tournament 3\binaries\ut3.exe] => (Allow) C:\program files (x86)\r.g. mechanics\unreal tournament 3\binaries\ut3.exe => Brak pliku FirewallRules: [UDP Query User{B0D817BA-C558-4CC7-8B3D-478299D2C3D3}C:\program files (x86)\r.g. mechanics\unreal tournament 3\binaries\ut3.exe] => (Allow) C:\program files (x86)\r.g. mechanics\unreal tournament 3\binaries\ut3.exe => Brak pliku FirewallRules: [TCP Query User{4F811F8C-9680-46D3-9095-41B5C1518D86}C:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe => Brak pliku FirewallRules: [UDP Query User{4E3542D7-C9E1-478C-9A88-C78E15F9A602}C:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe => Brak pliku FirewallRules: [TCP Query User{7D5B603E-B0F0-48C0-8BC5-023861CBF8DC}C:\games\halo the master chief collection\mcc\binaries\win64\mcc-win64-shipping.exe] => (Allow) C:\games\halo the master chief collection\mcc\binaries\win64\mcc-win64-shipping.exe => Brak pliku FirewallRules: [UDP Query User{7E422AA0-14AD-4E91-8C9E-44C2C73D1AD5}C:\games\halo the master chief collection\mcc\binaries\win64\mcc-win64-shipping.exe] => (Allow) C:\games\halo the master chief collection\mcc\binaries\win64\mcc-win64-shipping.exe => Brak pliku FirewallRules: [TCP Query User{6CB9BA80-3FA1-4CF0-9431-A26201CE33EF}C:\gog games\wrath aeon of ruin\wrath.exe] => (Allow) C:\gog games\wrath aeon of ruin\wrath.exe => Brak pliku FirewallRules: [UDP Query User{ABFA95D1-C62F-4F53-93AA-E596F8237172}C:\gog games\wrath aeon of ruin\wrath.exe] => (Allow) C:\gog games\wrath aeon of ruin\wrath.exe => Brak pliku FirewallRules: [TCP Query User{ED8C707C-7CBA-4239-8FAE-5FC2F47540AF}C:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe] => (Allow) C:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe => Brak pliku FirewallRules: [UDP Query User{721DF67B-A010-4C2B-8630-D0BAF9F6FC8D}C:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe] => (Allow) C:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe => Brak pliku FirewallRules: [TCP Query User{6478F810-3149-433A-A0BD-54EE1487706C}C:\users\tobayashi\downloads\hotshot.racing\hotshot racing\hotshotracing.exe] => (Allow) C:\users\tobayashi\downloads\hotshot.racing\hotshot racing\hotshotracing.exe => Brak pliku FirewallRules: [UDP Query User{CA8377C7-E9E0-4B61-A3F5-76EC4B30BFC5}C:\users\tobayashi\downloads\hotshot.racing\hotshot racing\hotshotracing.exe] => (Allow) C:\users\tobayashi\downloads\hotshot.racing\hotshot racing\hotshotracing.exe => Brak pliku FirewallRules: [TCP Query User{1629DF6B-71BB-4AE2-AB54-15897F37C997}C:\program files (x86)\worms\frontend.exe] => (Allow) C:\program files (x86)\worms\frontend.exe => Brak pliku FirewallRules: [UDP Query User{C82656F9-B8A3-4062-90CD-B3728DC39F57}C:\program files (x86)\worms\frontend.exe] => (Allow) C:\program files (x86)\worms\frontend.exe => Brak pliku FirewallRules: [TCP Query User{AE3CF3C6-AD8B-4EF5-BBB9-6EF91D6261E3}C:\gog games\soldier of fortune\sof.exe] => (Allow) C:\gog games\soldier of fortune\sof.exe => Brak pliku FirewallRules: [UDP Query User{31F58A64-8530-4291-BD4B-0849B6563306}C:\gog games\soldier of fortune\sof.exe] => (Allow) C:\gog games\soldier of fortune\sof.exe => Brak pliku FirewallRules: [TCP Query User{23144D4C-F9A3-4E7C-8A77-AAE4B44AFEFE}C:\gog games\8-bit hordes\clientg.exe] => (Allow) C:\gog games\8-bit hordes\clientg.exe => Brak pliku FirewallRules: [UDP Query User{009FCBD9-41C4-4451-8079-5DADC86B608D}C:\gog games\8-bit hordes\clientg.exe] => (Allow) C:\gog games\8-bit hordes\clientg.exe => Brak pliku FirewallRules: [TCP Query User{B695863B-34CA-42C1-9D5B-A98381B0C65A}C:\gog games\8-bit hordes\instanceserverg.exe] => (Allow) C:\gog games\8-bit hordes\instanceserverg.exe => Brak pliku FirewallRules: [UDP Query User{ECA262B3-A93A-4074-8FC3-1BA36D5C43EE}C:\gog games\8-bit hordes\instanceserverg.exe] => (Allow) C:\gog games\8-bit hordes\instanceserverg.exe => Brak pliku FirewallRules: [TCP Query User{B427A01F-91EA-4DB4-ACA4-C5CBD1BA1CAF}C:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe] => (Allow) C:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe => Brak pliku FirewallRules: [UDP Query User{00D24292-B504-48B7-A57C-6C8CCB2B59C1}C:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe] => (Allow) C:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe => Brak pliku FirewallRules: [TCP Query User{8E9DB20D-B0ED-43A2-B3FB-FFD446F5C2AE}C:\users\tobayashi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tobayashi\appdata\roaming\spotify\spotify.exe => Brak pliku FirewallRules: [UDP Query User{3FCD1070-0293-4C9F-9DD9-3A8CDDB22795}C:\users\tobayashi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tobayashi\appdata\roaming\spotify\spotify.exe => Brak pliku FirewallRules: [TCP Query User{60704FB6-1695-4361-9557-F67BD6B0C439}C:\games2\mortal kombat x\binaries\retail\mk10.exe] => (Allow) C:\games2\mortal kombat x\binaries\retail\mk10.exe => Brak pliku FirewallRules: [UDP Query User{FC8C4160-9004-4481-A65C-FD2917E201E0}C:\games2\mortal kombat x\binaries\retail\mk10.exe] => (Allow) C:\games2\mortal kombat x\binaries\retail\mk10.exe => Brak pliku FirewallRules: [TCP Query User{236608AC-A22D-43D4-8C8B-C54BFA23322A}C:\program files (x86)\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\call of duty 2\cod2mp_s.exe => Brak pliku FirewallRules: [UDP Query User{ED8D9672-9F0C-47F7-9B69-FDDC341AEE17}C:\program files (x86)\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\call of duty 2\cod2mp_s.exe => Brak pliku FirewallRules: [TCP Query User{24C8A0FD-A217-4EA3-8B19-783488F3497F}C:\Users\tobayashi\AppData\Local\InstallShield\instsh.exe] => (Allow) C:\Users\tobayashi\AppData\Local\InstallShield\instsh_x64.exe => Brak pliku FirewallRules: [TCP Query User{24C8A0FD-A217-4EA3-8B19-783488F3497F}C:\Users\tobayashi\AppData\Local\InstallShield\instsh_x86.exe] => (Allow) C:\Users\tobayashi\AppData\Local\InstallShield\instsh_x86.exe => Brak pliku FirewallRules: [UDP Query User{EFB7E5A6-6DC9-4DDD-9DE9-55C359633320}C:\users\konstantin\appdata\local\installshield\instsh_x86.exe] => (Allow) C:\Users\tobayashi\AppData\Local\InstallShield\instsh_x86.exe => Brak pliku FirewallRules: [UDP Query User{EFB7E5A6-6DC9-4DDD-9DE9-55C359633320}C:\users\konstantin\appdata\local\installshield\instsh_x64.exe] => (Allow) C:\Users\tobayashi\AppData\Local\InstallShield\instsh_x64.exe => Brak pliku FirewallRules: [TCP Query User{A36C8BDA-2A4B-4C5D-8944-3B4569AB1870}C:\games\age of empires 2 hd\launcher.exe] => (Allow) C:\games\age of empires 2 hd\launcher.exe => Brak pliku FirewallRules: [UDP Query User{6E0D36CF-4818-4207-A812-AB2800532CA6}C:\games\age of empires 2 hd\launcher.exe] => (Allow) C:\games\age of empires 2 hd\launcher.exe => Brak pliku FirewallRules: [TCP Query User{EB2FEE99-35AF-443F-AD37-CA1541974B3F}C:\games\age of empires 2 hd\aok hd.exe] => (Allow) C:\games\age of empires 2 hd\aok hd.exe => Brak pliku FirewallRules: [UDP Query User{7341C4AC-765E-4C72-9E9E-75B38B863F3F}C:\games\age of empires 2 hd\aok hd.exe] => (Allow) C:\games\age of empires 2 hd\aok hd.exe => Brak pliku FirewallRules: [TCP Query User{FEBC6383-CD92-4E77-9379-CEFB2E0D48A5}D:\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) D:\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe => Brak pliku FirewallRules: [UDP Query User{AE2D35CF-2188-4ECF-8E5C-7536221E7B2E}D:\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) D:\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe => Brak pliku FirewallRules: [{2BBF10BD-1F9E-4BF0-B591-AF231E885F33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlackShot\System\blackshot.exe => Brak pliku FirewallRules: [{C0A280A1-014F-42DA-9A6F-180A175E650A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlackShot\System\blackshot.exe => Brak pliku FirewallRules: [TCP Query User{6F1E1234-FFF3-4654-88B7-2D9B280F44B8}C:\gog games\original war\owarogl_sgui.exe] => (Allow) C:\gog games\original war\owarogl_sgui.exe => Brak pliku FirewallRules: [UDP Query User{70706C8D-A317-48E7-BA10-ACA7E9B724AC}C:\gog games\original war\owarogl_sgui.exe] => (Allow) C:\gog games\original war\owarogl_sgui.exe => Brak pliku Hosts: