Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 23.09.2018 Uruchomiony przez olesl (24-09-2018 21:46:25) Uruchomiony z C:\Users\olesl\Desktop Windows 10 Pro Wersja 1803 17134.285 (X64) (2018-05-23 19:51:51) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2360683318-3101315901-2434765935-500 - Administrator - Disabled) Gość (S-1-5-21-2360683318-3101315901-2434765935-501 - Limited - Disabled) Konto domyślne (S-1-5-21-2360683318-3101315901-2434765935-503 - Limited - Disabled) olesl (S-1-5-21-2360683318-3101315901-2434765935-1001 - Administrator - Enabled) => C:\Users\olesl WDAGUtilityAccount (S-1-5-21-2360683318-3101315901-2434765935-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\uTorrent) (Version: 3.5.4.44520 - BitTorrent Inc.) 3nity CD DVD Burner version 3.4.0.28 (HKLM-x32\...\{49310D8B-AF88-4212-B745-4A05BA4B3988}_is1) (Version: 3.4.0.28 - 3nity Softwares) ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated) Adobe Reader 6.0 CE (HKLM-x32\...\{AC76BA86-7AD7-1038-7646-CE0000000001}) (Version: 6.0 - Adobe Systems Incorporated) Aktualizacje NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden AutoCAD 2017 — Polski (Polish) (HKLM\...\{28B89EEF-0001-0415-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden AutoCAD 2017 Language Pack – Polski (Polish) (HKLM\...\{28B89EEF-0001-0415-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk) Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk) Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk) Barbarian Invasion (HKLM-x32\...\{FD69C8CB-6964-432C-98AB-A5A09ED50EEA}) (Version: 1.4 - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden CPUID HWMonitor 1.35 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.35 - CPUID, Inc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd) Disciples II - Bunt Elfów (HKLM-x32\...\{92C0EEE0-EA16-4B95-84B6-A060B589081B}) (Version: 1.00.000 - ) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{47BF3B09-07F0-4411-BB00-3EB481DB3220}) (Version: 1.1.125.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) GameRanger (HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\GameRanger) (Version: - GameRanger Technologies) GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - ) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.77 - Riot Games, Inc.) Icewind Dale - Serce Zimy (HKLM-x32\...\{433BF933-81D6-4646-A318-3DE5DB6108F2}) (Version: - ) Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.) Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.281 - Electronic Arts) Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.10730.20102 - Microsoft Corporation) Microsoft Office 365 ProPlus - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.10730.20102 - Microsoft Corporation) Microsoft Office Professional 2016 - pl-pl (HKLM\...\ProfessionalRetail - pl-pl) (Version: 16.0.10730.20102 - Microsoft Corporation) Microsoft Office XP Professional z programem FrontPage (HKLM-x32\...\{90280415-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.4330.0 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation) NVIDIA Sterownik graficzny 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.26.8488 - Electronic Arts, Inc.) Panel sterowania NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) Rome - Total War (HKLM-x32\...\{51D386C4-0227-46A9-AC45-61F0A50E7AFF}) (Version: 1.5 - The Creative Assembly) SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk) Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.103 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.0 - TeamSpeak Systems GmbH) Tibia (HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\Tibia) (Version: - CipSoft GmbH) TIDAL (HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\TIDAL) (Version: 2.1.20 - TIDAL Music AS) Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore) Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Uplay (HKLM-x32\...\Uplay) (Version: 61.0 - Ubisoft) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2360683318-3101315901-2434765935-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2360683318-3101315901-2434765935-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2360683318-3101315901-2434765935-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Program Files\Autodesk\AutoCAD 2017\pl-PL\acadficn.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-07] (Autodesk) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {03F69B69-E445-4805-AC09-19DE1A1C5A73} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-18] (Microsoft Corporation) Task: {06B3E6CA-6EA8-4445-9BC0-62C975674861} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-18] (Microsoft Corporation) Task: {0B439AA5-A448-4E10-B8CB-9F7407764E53} - System32\Tasks\{1C83E386-C2E7-5896-1480-A3B9F1C7FC17} => C:\Users\olesl\AppData\Local\dwnyFyIgt.exe [2018-04-12] (Microsoft Corporation) Task: {1B4D7595-48AC-4A99-8482-5D7EB2EE6F9A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-18] (Microsoft Corporation) Task: {24CD1E9F-7331-4604-9594-1735B551D23C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-12] (Adobe Systems Incorporated) Task: {46DF4C80-0707-492F-A8DE-29713F089F1F} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {562AD53C-56DC-4D12-97D2-551687AF4C5C} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {58BCEB6D-960E-49B2-A737-712C9A95263D} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-09-18] (Microsoft Corporation) Task: {5B5E676F-4398-48F2-859C-93A8D910A27F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation) Task: {5C9A5217-A228-4B5F-ACC7-CD3B8F332DF7} - System32\Tasks\{628C5F8B-3991-312C-FBB6-92303A6B8CEA} => C:\Program Files (x86)\aPXyuOboOol.exe [2018-04-12] (Microsoft Corporation) <==== UWAGA Task: {62D6A32A-5BF6-4CAA-9F93-AE5E1C7D4284} - System32\Tasks\{06451D51-275D-41F2-8C5A-711789A6BFDD} => C:\WINDOWS\system32\pcalua.exe -a E:\autorun.exe -d E:\ Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6BB41459-09A6-4664-87C7-83288626C812} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-01] (Microsoft Corporation) Task: {6FDD61F4-07AE-4740-B0D9-22AB15957017} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-01] (Microsoft Corporation) Task: {73E7C99F-F5A1-4A32-833A-B8D900574A86} - System32\Tasks\{4D07C4DE-22C8-4EA9-9B91-2497DC93F2FA} => C:\WINDOWS\system32\pcalua.exe -a "D:\Program Files (x86)\The Creative Assembly\Rome - Total War\RomeTW.exe" -d "D:\Program Files (x86)\The Creative Assembly\Rome - Total War" Task: {7D079527-607F-4298-BD2C-074903D463D5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-18] (Microsoft Corporation) Task: {8269E3A2-B74D-47C5-B7D1-2C4D38BDFEBF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation) Task: {8863116C-7096-48C1-8179-33FE07CCD495} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-01] (Microsoft Corporation) Task: {896AC02C-68A8-4366-A9D8-4A104EA7276B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) Task: {A2B23E99-3C51-45FD-AB48-884B2CA1CED5} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) Task: {A6D63FD6-61C4-40C3-AF41-663C0F2C36C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-01] (Google Inc.) Task: {A726C3F2-D786-42B5-8DC4-1D26B67FB405} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation) Task: {BAAC1957-2747-4BBB-81DF-3B8CF0F29007} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) Task: {BB0CAF47-2D22-4C85-8D0D-937BBCF5218A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-09-16] (AVAST Software) Task: {C0451F9A-44A3-4362-8007-A59D951A94D2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-12] (Adobe Systems Incorporated) Task: {D04D4855-EBD3-4AC4-84B0-A1C741F296B6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation) Task: {D186ECC9-22B8-4E77-AF77-3571D554087D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation) Task: {D3983A89-2D80-4A60-9CC4-DE4FA02E8CBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-01] (Microsoft Corporation) Task: {D9D6C161-05E0-4656-92D0-EA436721FC3D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation) Task: {E0283E33-6362-4FBD-994C-A7EFD13D5BC0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation) Task: {E229BED9-63EF-4613-BD3A-187FD6B0CDD2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation) Task: {E737EBEB-15D9-41B5-8997-5E8A6C7DDA56} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) Task: {ED9AA495-1FB6-44A5-BD44-CE15F9DF50D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-01] (Google Inc.) Task: {F40CBFCE-4E6E-4209-924B-D53E6D6E61D1} - System32\Tasks\{0B52867A-46E1-25A9-F56D-4E248F1D94FB} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://1bl0g.net/cl/?guid=bsrol62zs6kxej32r9am9v0imxx1oi4q&prid=1&pid=4_1324_0 Task: {F76123C0-5668-4583-86F6-18A39D862A69} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-09-18] (Microsoft Corporation) Task: {F87668E0-AF87-45B7-80DB-42AF036A1B4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\olesl\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Moje witryny w sieci MSN\target.lnk -> hxxp://uk.msnusers.co ==================== Załadowane moduły (filtrowane) ============== 2018-03-04 21:12 - 2018-03-24 03:19 - 000544192 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll 2018-08-05 10:29 - 2018-07-19 22:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-08-24 22:46 - 2018-08-26 22:59 - 000076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2017-05-24 16:55 - 2018-03-24 01:02 - 000135136 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-09-12 13:59 - 2018-08-31 05:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-07-25 09:31 - 2018-07-25 09:31 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-07-25 09:31 - 2018-07-25 09:31 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-07-25 09:31 - 2018-07-25 09:31 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-07-25 09:31 - 2018-07-25 09:31 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll 2018-07-25 09:31 - 2018-07-25 09:31 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-09-12 13:43 - 2018-09-12 13:44 - 035124736 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-09-12 13:43 - 2018-09-12 13:44 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-09-12 13:43 - 2018-09-12 13:44 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-09-30 13:53 - 2017-09-30 14:09 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-09-12 13:43 - 2018-09-12 13:44 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntPlat.dll 2018-09-24 13:07 - 2018-09-24 20:37 - 000326144 _____ () C:\Windows\SysWOW64\x64Payload.exp - - 000000000 _____ () C:\Users\olesl\AppData\Local\backup_log\msiexec64.exe 2018-08-30 21:32 - 2018-08-30 21:32 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-08-30 21:32 - 2018-08-30 21:32 - 069283840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-09-30 14:14 - 2017-09-30 14:16 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-08-21 19:17 - 2018-08-21 19:18 - 000049664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-08-30 21:32 - 2018-08-30 21:32 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-04-29 18:04 - 2018-04-29 18:05 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\ImagePipelineNative.dll 2018-08-30 21:32 - 2018-08-30 21:32 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-08-21 19:17 - 2018-08-21 19:18 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\opencv_imgproc320.dll 2018-08-21 19:17 - 2018-08-21 19:18 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\opencv_core320.dll 2018-03-30 18:19 - 2018-03-30 18:20 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-08-30 21:32 - 2018-08-30 21:32 - 014333440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-08-30 21:32 - 2018-08-30 21:32 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-08-30 21:32 - 2018-08-30 21:32 - 002869248 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-08-30 21:32 - 2018-08-30 21:32 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-07-29 18:08 - 2018-07-29 18:08 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-08-30 21:32 - 2018-08-30 21:32 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\SKU.dll 2018-08-05 10:29 - 2018-07-19 22:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-06-27 13:16 - 2018-07-26 17:37 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL 2018-06-27 13:16 - 2018-07-26 17:37 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\Public\AppData:CSM [474] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\Software\Classes\.scr: AutoCADScriptFile => ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\sharepoint.com -> hxxps://utpedupl-files.sharepoint.com ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2016-08-01 12:12 - 2018-09-24 14:53 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\olesl\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Ola & Mateusz-329.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. HKLM\...\StartupApproved\StartupFolder: => "Microsoft Office.lnk" HKLM\...\StartupApproved\Run32: => "TIDAL" HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\StartupApproved\Run: => "TIDAL" HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\StartupApproved\Run: => "GalaxyClient" HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\StartupApproved\Run: => "World of Tanks" HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2360683318-3101315901-2434765935-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{59F35D68-FBFA-4439-B37D-962EEAD97AD9}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{3E134B42-0B58-4CE7-AAD0-1751B5D2D3DC}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{7CC79E6A-1318-48F4-ACB4-007EBD3740AC}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{88357C2B-BA9C-45E4-A262-93A3E4CFBD41}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [UDP Query User{0818B8CB-C1FB-41C6-9BED-23BABD6562DB}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe FirewallRules: [TCP Query User{D26E863F-8BF6-40A3-969B-1E54C7FB054A}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe FirewallRules: [UDP Query User{19640689-12BC-4A46-ADB8-0D65D1CE37A0}D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win64\paladins.exe] => (Allow) D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win64\paladins.exe FirewallRules: [TCP Query User{E4975F20-AF1A-4D21-B60D-3AA2DC49E1DA}D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win64\paladins.exe] => (Allow) D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win64\paladins.exe FirewallRules: [{2D5DF559-A668-4F02-864F-CCF8DB816185}] => (Block) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe FirewallRules: [{6A4D58E6-4537-4AEA-907E-5254E1B4595D}] => (Block) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe FirewallRules: [UDP Query User{C8ACF9B0-3C9F-4242-A6BC-A699F05C151F}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe FirewallRules: [TCP Query User{ABD3F1E4-32B8-406C-9F59-8F250026E0AA}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe FirewallRules: [{30870DBF-7D38-4B11-8BB3-2E3FB09818C0}] => (Block) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe FirewallRules: [{5C368EB6-CF24-471C-8DFC-94E55FBA1C13}] => (Block) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe FirewallRules: [UDP Query User{743B4AD6-6015-467B-B0F3-210D85E08015}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe FirewallRules: [TCP Query User{8FE05E05-ADA4-48D2-9878-D0E3E694665F}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe FirewallRules: [UDP Query User{D1272BA7-2980-4F2B-9C5B-6FC2EEE1C46F}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Block) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe FirewallRules: [TCP Query User{EEFEB45C-25AF-4D11-B863-750A0E94A94C}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Block) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe FirewallRules: [{C11BE101-1710-46D4-A990-F0DDC326A9B5}] => (Allow) D:\Program Files (x86)\Origin\Battlefield Bad Company 2\BFBC2Game.exe FirewallRules: [{DA968F7E-19F8-4D8C-969F-E611F3DEEA92}] => (Allow) D:\Program Files (x86)\Origin\Battlefield Bad Company 2\BFBC2Game.exe FirewallRules: [{33D34EF7-36AB-4538-B8BF-2D16EB3C468D}] => (Allow) D:\Program Files (x86)\Origin\Battlefield 4\BFLauncher_x86.exe FirewallRules: [{53822044-B55E-4AD0-97AE-6F57E132548E}] => (Allow) D:\Program Files (x86)\Origin\Battlefield 4\BFLauncher_x86.exe FirewallRules: [{EB77F01C-1275-47DF-8D62-7547191EEA24}] => (Allow) D:\Program Files (x86)\Origin\Battlefield 4\BFLauncher.exe FirewallRules: [{7A12D8C5-D69A-4F32-AA34-1375A673FD43}] => (Allow) D:\Program Files (x86)\Origin\Battlefield 4\BFLauncher.exe FirewallRules: [{BEB17133-AF23-4B16-A5A8-755D1004C086}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{D2DCBDFE-3EC1-48D2-827B-8AD7872851FA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [UDP Query User{B1FC914A-CDDA-436A-8F66-61192D7E2111}D:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) D:\program files (x86)\the creative assembly\rome - total war\rometw.exe FirewallRules: [TCP Query User{C96A59D8-0E5C-4D99-B7ED-4C6B5EAE47C3}D:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) D:\program files (x86)\the creative assembly\rome - total war\rometw.exe FirewallRules: [{C2E814F8-6398-4773-B116-213C7DF11E7B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{6C06EF3D-EE70-4C2D-9AB7-BED041D7699D}D:\program files (x86)\age of empires iii - complete collection\age3y.exe] => (Allow) D:\program files (x86)\age of empires iii - complete collection\age3y.exe FirewallRules: [TCP Query User{A875F4F9-9DE9-4717-9572-E73F5A9D5624}D:\program files (x86)\age of empires iii - complete collection\age3y.exe] => (Allow) D:\program files (x86)\age of empires iii - complete collection\age3y.exe FirewallRules: [{03BDCD26-63EA-4AAA-9DE4-97573051CEFD}] => (Allow) D:\Program Files (x86)\GameSpy Arcade\Aphex.exe FirewallRules: [{F1C0C463-BA2A-4E5B-B9EE-6C5BB8D18781}] => (Allow) D:\Program Files (x86)\GameSpy Arcade\Aphex.exe FirewallRules: [UDP Query User{938E9A58-FB33-40C5-84FE-ED9A7307F1A6}D:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) D:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe FirewallRules: [TCP Query User{DB822303-30AF-4B0A-B75B-1BD1E56F2D6C}D:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) D:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe FirewallRules: [UDP Query User{B67D466C-5917-4E61-ACD2-E6D3EA8400A6}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe FirewallRules: [TCP Query User{91312CEF-F6A5-4EE4-92D3-A1F833BB9603}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe FirewallRules: [UDP Query User{74D3B93B-A2C4-4504-9398-94151B35B608}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe FirewallRules: [TCP Query User{DD822CBB-89A8-46D3-8FBE-D3AEC21CB37D}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe FirewallRules: [UDP Query User{F595F77A-6E54-4E10-9FFC-6DCC75C1763C}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{D3022B94-40AC-4270-82DF-19BA0F851DFF}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{54AC5C0C-34B3-4A5A-9433-3553FF2B31B8}D:\program files (x86)\ubisoft\heroes of might and magic iii - zlota edycja\h3blade.exe] => (Allow) D:\program files (x86)\ubisoft\heroes of might and magic iii - zlota edycja\h3blade.exe FirewallRules: [TCP Query User{D18C8D33-49A3-49D6-8DB8-BE397828D582}D:\program files (x86)\ubisoft\heroes of might and magic iii - zlota edycja\h3blade.exe] => (Allow) D:\program files (x86)\ubisoft\heroes of might and magic iii - zlota edycja\h3blade.exe FirewallRules: [UDP Query User{43405DF7-70A5-4797-BA04-7A38B407416D}C:\users\olesl\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\olesl\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [TCP Query User{679C4303-7E31-476B-B315-0E0BC4E7571A}C:\users\olesl\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\olesl\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [UDP Query User{EB1BC227-0869-407A-9AD2-5EE09FCB70F3}C:\gog games\heroes of might and magic v\bin\h5_game.exe] => (Block) C:\gog games\heroes of might and magic v\bin\h5_game.exe FirewallRules: [TCP Query User{592CDAE3-3A6A-4504-BB77-0E8E5D3507AD}C:\gog games\heroes of might and magic v\bin\h5_game.exe] => (Block) C:\gog games\heroes of might and magic v\bin\h5_game.exe FirewallRules: [UDP Query User{9774C13E-E1BF-434D-AB17-F52B8BCB3261}D:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) D:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{55812EE6-24B4-48DC-A5E9-77C31DDB7791}D:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) D:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{7010584C-BF7E-43B5-9B01-BEA99541B8E7}D:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [TCP Query User{FD8A6BEA-145D-4A53-B991-75E07BA8D559}D:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [{07CE3808-3CA7-46FA-8F04-A731AF03A9C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{ADEFE57A-3C17-46D7-9DFC-3CD30EF875D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{05E1E161-FCD7-463C-87C1-80D0FB1BF9C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{A16924B5-477F-4EB4-BA5B-94C60A784C02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{65B842F5-3257-47A6-8FA5-D979B0E3118D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [UDP Query User{2EA95235-E1AB-4F6C-8FA5-9D9A117D6E37}D:\program files (x86)\origin\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin\battlefield 4\bf4.exe FirewallRules: [TCP Query User{87061DE1-A5BB-4250-8820-745550FFB0AF}D:\program files (x86)\origin\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin\battlefield 4\bf4.exe FirewallRules: [{A0ABF29E-1866-4370-9646-0F1E6AA94EA7}] => (Allow) D:\Program Files (x86)\Origin\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{86E2B012-288B-4A6A-89CE-D96FDB1F1358}] => (Allow) D:\Program Files (x86)\Origin\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{2F171740-472A-4EAD-AF27-27952A74E2E9}] => (Allow) D:\Program Files (x86)\Origin\Battlefield 4\BF4WebHelper.exe FirewallRules: [{377A32AE-40A8-4EB5-8208-D1DCE3851AAA}] => (Allow) D:\Program Files (x86)\Origin\Battlefield 4\BF4WebHelper.exe FirewallRules: [{9EA2728D-B364-4F1E-9062-10BC14A6948A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{54DA54AC-21AB-4453-8F2B-5EAAE08822C8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{441EADCB-3559-431E-B883-0C1CC2BB39C1}] => (Allow) D:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe FirewallRules: [{ADAF5809-5531-4BA0-8A06-B561E44F9BDC}] => (Allow) D:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe FirewallRules: [{39919F13-6EFE-4E44-A33F-7CFB8C70F619}] => (Allow) D:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{FBEFEDBE-5548-4E0A-8476-0D346C55B4FF}] => (Allow) D:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{DF88CD1A-1073-410C-9F7F-EAC708F4B97A}] => (Allow) D:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe FirewallRules: [{3CC60C3C-94C3-4064-A8EF-550072B9104A}] => (Allow) D:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe FirewallRules: [UDP Query User{1488DC16-0A0B-4CD6-B54C-FE9A3AB0E87C}D:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{8D695308-4BFC-4CAE-8B49-9C58AE460BE9}D:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{849AE395-4A07-4133-BBF4-2B47F5C08C8A}D:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{90BA17D4-0B76-4B0B-8895-D872AAA52966}D:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe FirewallRules: [{7E49E53A-DA2E-4D1C-A4DD-895504112D40}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe FirewallRules: [{0BE9E5AA-D152-44A9-A198-C43811A47D88}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe FirewallRules: [{1A8A7CFF-9F0E-4623-A1BB-4794A3DCEAC4}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{8BF08E45-0ED2-4DB8-A0E7-BAC227B5AECD}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [UDP Query User{75790EB7-C494-4A5C-9E81-79A9C47DFBB9}C:\users\olesl\appdata\local\temp\rar$exa0.294\marinermt2.pl-09.04.2016\marinermt2.exe] => (Allow) C:\users\olesl\appdata\local\temp\rar$exa0.294\marinermt2.pl-09.04.2016\marinermt2.exe FirewallRules: [TCP Query User{3EBE5F2E-49D4-4B4B-BE21-CDD793E66246}C:\users\olesl\appdata\local\temp\rar$exa0.294\marinermt2.pl-09.04.2016\marinermt2.exe] => (Allow) C:\users\olesl\appdata\local\temp\rar$exa0.294\marinermt2.pl-09.04.2016\marinermt2.exe FirewallRules: [UDP Query User{A5E5607B-F3BA-4CA9-8F63-A4A04666B729}C:\users\olesl\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\olesl\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{B5021932-9B90-4EBE-B18F-CE2AC8D6902A}C:\users\olesl\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\olesl\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{62E39370-87C7-4737-940F-B85D2CF8B03D}D:\program files (x86)\metek\marinermt2.pl-09.04.2016\marinermt2.exe] => (Allow) D:\program files (x86)\metek\marinermt2.pl-09.04.2016\marinermt2.exe FirewallRules: [TCP Query User{2AE8D668-EB50-480D-B921-F790FA1EA836}D:\program files (x86)\metek\marinermt2.pl-09.04.2016\marinermt2.exe] => (Allow) D:\program files (x86)\metek\marinermt2.pl-09.04.2016\marinermt2.exe FirewallRules: [{CFEA9721-14A0-497A-A124-9B7B52BAE957}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E94736F2-36C8-480C-95DC-40B0F88EC8D2}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D6570BC1-7079-4722-807F-94ED8533E9F5}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{83D88729-4B60-4E25-943C-6FC6F06577BE}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{01B6042C-7C0F-4585-8823-4FBA187305A2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe FirewallRules: [{5C080DAA-2F2C-46A4-B945-F58A9D09E886}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe FirewallRules: [TCP Query User{D410E3BF-7BBF-43F1-945C-090522CEB39B}D:\program files (x86)\metinek\4death.pl.exe] => (Allow) D:\program files (x86)\metinek\4death.pl.exe FirewallRules: [UDP Query User{59B2AA00-8B37-4A3B-900B-305ECD7230A3}D:\program files (x86)\metinek\4death.pl.exe] => (Allow) D:\program files (x86)\metinek\4death.pl.exe FirewallRules: [TCP Query User{FD338C0D-2B51-49EE-91F4-010CEFCC3CC6}D:\program files (x86)\ea games\mohaa\moh_breakthrough_server.exe] => (Allow) D:\program files (x86)\ea games\mohaa\moh_breakthrough_server.exe FirewallRules: [UDP Query User{0D228CDA-C1E6-4B61-8669-249DED863CA7}D:\program files (x86)\ea games\mohaa\moh_breakthrough_server.exe] => (Allow) D:\program files (x86)\ea games\mohaa\moh_breakthrough_server.exe FirewallRules: [TCP Query User{6A1455ED-D1EC-4518-A690-652D97DD885B}D:\program files (x86)\ea games\mohaa\mohaa.exe] => (Allow) D:\program files (x86)\ea games\mohaa\mohaa.exe FirewallRules: [UDP Query User{E415B67D-F6B6-4717-9651-CBC39D2C8A56}D:\program files (x86)\ea games\mohaa\mohaa.exe] => (Allow) D:\program files (x86)\ea games\mohaa\mohaa.exe FirewallRules: [{9A8BB489-2B32-4471-9DC2-C81F5174DACF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{24B6F1E4-16DE-445A-92EF-657FB6592451}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [TCP Query User{4C5A6DC4-01F5-42CE-AF22-FD26BE21E305}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{019E453C-BE8F-4A2D-9486-B7137A3CC382}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{CD333BDB-F226-4C16-804F-CD96E1D8B97C}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{8B875123-FB44-4C7A-8C5A-738C5B979E51}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{11A1EF82-F6FA-42E0-90B2-B194863D00FC}D:\program files (x86)\thq\titan quest immortal throne\tqit.exe] => (Allow) D:\program files (x86)\thq\titan quest immortal throne\tqit.exe FirewallRules: [UDP Query User{86191719-96E9-4C29-9A76-8D7E50CBF964}D:\program files (x86)\thq\titan quest immortal throne\tqit.exe] => (Allow) D:\program files (x86)\thq\titan quest immortal throne\tqit.exe FirewallRules: [TCP Query User{042B9E1C-EAA5-485D-958C-8BB260606C7F}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [UDP Query User{ECD9DA74-6A9B-441F-8EB8-CA9F17514DCA}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [{40C4595E-5C89-40D4-A13A-723ABBC9B77E}] => (Allow) D:\Riot Games\League of Legends\LeagueClient.exe FirewallRules: [{851ADB96-4E32-4D18-9244-7D95D3D110D4}] => (Allow) D:\Riot Games\League of Legends\LeagueClient.exe FirewallRules: [{89714E98-7BE7-4701-A57F-C845FFC3C6E3}] => (Allow) D:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe FirewallRules: [{1152E790-82A1-4B02-819A-A36730150053}] => (Allow) D:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe FirewallRules: [TCP Query User{FAA364E9-8D8D-4224-BDC4-FF8FC949171F}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{3A30117A-14F6-4162-8A41-30BAABD6D9CC}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [TCP Query User{3F7C524F-68E8-418A-AF98-AD7DED731879}C:\users\olesl\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\olesl\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{7150D20F-7EDD-46BE-B0C7-B107F5927CB4}C:\users\olesl\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\olesl\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{BCBF9819-6B07-49E9-97DB-88F98E0F937F}D:\users\olesl\appdata\local\crossout\launcher.exe] => (Allow) D:\users\olesl\appdata\local\crossout\launcher.exe FirewallRules: [UDP Query User{90C99327-ECD3-4037-80B3-E48066476D65}D:\users\olesl\appdata\local\crossout\launcher.exe] => (Allow) D:\users\olesl\appdata\local\crossout\launcher.exe FirewallRules: [TCP Query User{03698149-7997-411B-A1A1-62EEF20B89CE}D:\program files (x86)\gog.com\icewind dale complete\idmain.exe] => (Allow) D:\program files (x86)\gog.com\icewind dale complete\idmain.exe FirewallRules: [UDP Query User{B03E663C-CF49-447F-BB96-E75456170DEB}D:\program files (x86)\gog.com\icewind dale complete\idmain.exe] => (Allow) D:\program files (x86)\gog.com\icewind dale complete\idmain.exe FirewallRules: [TCP Query User{0E2C0E15-8BCC-4F10-B382-677486D348DD}D:\program files (x86)\strategy first\disciples ii - bunt elfow\discipl2.exe] => (Allow) D:\program files (x86)\strategy first\disciples ii - bunt elfow\discipl2.exe FirewallRules: [UDP Query User{A2013D5E-751C-4564-9842-2D9F04005FDD}D:\program files (x86)\strategy first\disciples ii - bunt elfow\discipl2.exe] => (Allow) D:\program files (x86)\strategy first\disciples ii - bunt elfow\discipl2.exe FirewallRules: [{D566F513-6882-4E90-A114-618273A4DF80}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{C0C6CD88-E535-4283-A0AD-634B80623E91}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{3CFBB1E5-0ACE-47AA-8E9B-B886501217A0}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{FB139957-75D1-450E-8DAB-68D8FA5B0310}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{23EB53B7-AC31-4042-9D34-DE49569E156F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{65E5F992-3FC6-4B3A-AD2A-A2088FEF2EB8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{CB5E9167-AFB1-4EA6-AEBE-03B54EFCBE85}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{7F4FACC8-F52B-4211-A029-B003E69A3F30}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{277B7822-D77D-4E7C-8CB1-DE6410ADBB36}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{13792581-DCB0-42D0-995D-3B86AB06A9A4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{6DED985D-6749-488B-A928-9EBA9779F3E9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{CE1D54B9-9122-43F6-924D-60416E66B6B8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{BE6ACF31-FA75-4E26-808B-85CEC9D2B999}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{3BD502B2-1E11-45F9-BBB4-70603AAC1EE7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{652E396F-40D1-4DF9-9507-6202F82CFA38}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{D87FADBC-0F35-4077-8B42-F04FE5A35B2B}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{109ED0BB-7FC7-435B-A882-7146D2A8A9A7}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{8B7DD9E9-A62B-49D7-8B45-4C76EC009E32}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{CDCFA8E4-075B-47A5-BAF1-EF15E1740D00}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{008B834E-F304-40B5-B799-E68C80DFF212}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{62264959-156A-4F27-B677-BFFB3B42662A}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{97F3AD22-5D55-48B8-98F3-90F387A51EC4}D:\program files (x86)\black isle\icewind dale\idmain.exe] => (Allow) D:\program files (x86)\black isle\icewind dale\idmain.exe FirewallRules: [UDP Query User{6659022C-CAC8-47CA-8E77-2AB08F37320E}D:\program files (x86)\black isle\icewind dale\idmain.exe] => (Allow) D:\program files (x86)\black isle\icewind dale\idmain.exe FirewallRules: [{B081A77D-2BFF-4663-8A32-49637BBA637E}] => (Block) D:\program files (x86)\black isle\icewind dale\idmain.exe FirewallRules: [{43FB52FF-9772-4E36-8D93-D524CE48A3EA}] => (Block) D:\program files (x86)\black isle\icewind dale\idmain.exe FirewallRules: [TCP Query User{84421025-DFC7-4465-AA4C-870CEA619FFD}D:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) D:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe FirewallRules: [UDP Query User{DBD33E88-617B-4C7F-8C02-B5EC991BD770}D:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) D:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe FirewallRules: [{9D681AE2-5405-49A0-8854-D01B820A4075}] => (Block) D:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe FirewallRules: [{04A00029-4D9A-40A2-B9BF-91D7249921DE}] => (Block) D:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe FirewallRules: [{F9EB28AF-161E-4E4D-8818-7BD250970E2F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{D52750C4-52C2-4ABF-9495-C412C77FF351}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{59981F1C-73C2-4DCB-85F9-4AD21065C5FA}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe FirewallRules: [UDP Query User{5C933997-96C0-45AA-A23C-6C38D40179B8}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe FirewallRules: [{AD9CD7A7-4D8C-4EE0-92B5-BA9A082CE5D5}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [{EC73FCA7-588E-47F4-897D-58E6360406EF}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [TCP Query User{9D365C19-2A33-4A80-9715-E8EF66A11983}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe FirewallRules: [UDP Query User{0EC95F86-10AA-445F-8606-AADCEDD6FD3E}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe FirewallRules: [TCP Query User{0BCD1259-5345-4644-ABC7-22402D48D16C}D:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe FirewallRules: [UDP Query User{91218983-E938-477D-B697-ADDE540DB901}D:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe FirewallRules: [{12CC0535-E0E1-4851-A8C8-951CF3A53E8A}] => (Allow) D:\Program Files (x86)\Origin\Medal of Honor Pacific Assault\mohpa_setup.exe FirewallRules: [{21CA1B90-82C0-48F7-82E2-4DC71EF855C7}] => (Allow) D:\Program Files (x86)\Origin\Medal of Honor Pacific Assault\mohpa_setup.exe FirewallRules: [{B59497A6-277B-41C8-96E5-FD4853D71F18}] => (Allow) D:\Program Files (x86)\Origin\Medal of Honor Pacific Assault\mohpa.exe FirewallRules: [{F876430B-FB9F-4B65-9D06-3C020A89E13B}] => (Allow) D:\Program Files (x86)\Origin\Medal of Honor Pacific Assault\mohpa.exe FirewallRules: [{FE8964BD-D801-463F-B151-4B068BE87DA0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{7191F1E5-7C8D-4D09-961D-F1F39B68BB4E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{39AD5D6A-FAF9-41FE-B9EC-67580C70B15A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{E0523AD0-FC51-4568-9CD4-E9C428CA1A13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{B86CF931-EF89-42CD-A0E2-6AEF4D2EE54B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{03C7ED31-E9DA-4E71-B994-B2F18524163E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{EC3A0648-A828-4E7F-AFAA-61BC9AC71055}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{84F4C485-5E5E-4450-93AC-6B98A47EF532}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{12A26A9E-BAFB-40AA-9DFB-C51E726B7BE3}D:\users\olesl\appdata\local\warthunder\launcher.exe] => (Allow) D:\users\olesl\appdata\local\warthunder\launcher.exe FirewallRules: [UDP Query User{3D306553-EF0C-4445-86C4-80ED94BA47BF}D:\users\olesl\appdata\local\warthunder\launcher.exe] => (Allow) D:\users\olesl\appdata\local\warthunder\launcher.exe FirewallRules: [TCP Query User{8D6783D0-102B-4DFF-B780-6E6AB075B927}D:\users\olesl\appdata\local\warthunder\win32\aces.exe] => (Allow) D:\users\olesl\appdata\local\warthunder\win32\aces.exe FirewallRules: [UDP Query User{44F55964-3193-48D5-A7D2-B82EF0D3AB1C}D:\users\olesl\appdata\local\warthunder\win32\aces.exe] => (Allow) D:\users\olesl\appdata\local\warthunder\win32\aces.exe FirewallRules: [{FF9BC821-9155-4001-BCCB-4A220D7FC42B}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{40792F53-E124-483D-AD2A-D4AEB6CC9F82}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{EF1FE120-B948-462C-957E-7755C2CCAA00}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{60DEC337-C7E5-4617-9206-D8AEFB2132FA}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{662BB29F-9F1E-47C3-A23D-8BE0A7E2B705}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{27205BD4-506B-4A86-97F1-A770EBDA8465}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{633F22C9-FDFA-4AB0-98A0-E652C05386A4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{BB09FD13-4D75-4405-843E-EEC6121F2BC9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{8BACFC79-1B4B-46A2-8515-171B51FBEFB7}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe FirewallRules: [UDP Query User{F74BA6D5-D663-444F-8BB6-A35015A58CBB}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe FirewallRules: [{B01CA3C1-97E0-4455-B1A1-AACA0DE3BDC1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{966E96F5-A4CD-42E5-B0CD-4EF7138D93D1}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{B5201951-4758-4881-BE17-8E20FFF841C7}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{8A1BBC98-38EF-415A-A3DC-E7699B2C25BA}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe FirewallRules: [{DF7FE4D9-5D26-41D1-8D62-92F1C602F2BA}] => (Allow) C:\Users\olesl\AppData\Local\dwnyFyIgt.exe FirewallRules: [{18A1BCAB-9307-4165-B0CF-5A404E040B6A}] => (Allow) C:\Program Files (x86)\aPXyuOboOol.exe FirewallRules: [{5170B3E7-B6C7-4C31-B5DA-098C67A47E66}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{FC5F4961-21EE-4E95-997E-0A7F36F98AD0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{956042EC-E964-42AF-BEF1-A1131C910B78}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{318DCA95-98E9-4A2C-8FB5-83091A7CD176}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{F8E7B493-80E9-478B-8FB1-E786A5180393}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{9AF37747-166D-4355-94CE-7CF235574634}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{EA62FC63-1572-4CF1-B017-A5AF94AEAFDA}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{6947A80B-5413-4A14-8CDC-918BE100CDBF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{D97F8E37-1B9D-44EB-9CDD-643A0EF7E8F9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{F3CC3E8A-6688-4AFC-9455-86E98889C3DD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{6D2080C6-5930-4407-9DC6-8680EA0678AB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{CF2B71B2-6327-4454-98B4-EE86E9587437}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{C3FD17F7-92BE-4358-B5A0-70208BBFDB91}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{37FFEFC4-94C4-44B8-9F5A-DB93D9142B54}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{9DFBD7C6-FB93-4F3C-A0CB-1EF542E7B137}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{1BFBA9C4-BE29-4C67-8A19-F11695FEEF67}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{33F94CB8-1B0A-4F44-8F14-57B66CBE1041}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{1A245158-6046-4052-9CFD-4DE4FE556459}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{B47F2F4C-EFCA-47CE-A498-BA9484800FA4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{7D4998DC-8270-4B4A-A109-4D517A13A403}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{0F8FF30E-5405-44C4-947B-EB22FC2C0A27}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{04EF1070-7401-4E20-9F8F-60F4B0393FC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.89.313.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{51CFAAFE-DCFE-4EE5-9F34-1ACE06D35338}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.89.313.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{8DEBDB37-C06F-4AFB-9BEA-780664E97B66}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.89.313.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{C94DED86-91EA-4C21-838C-2F2361DEE65D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.89.313.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{9E54DF4E-330E-4971-B68C-67C70AC6C777}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.89.313.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{183C9EE5-16FE-41FF-83CA-D99E27099715}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.89.313.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{4EAF4529-4CE5-4539-A633-51CFFD3C8ABA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.89.313.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{5C2555B3-1089-448E-8446-2DBEBDC6FF8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.89.313.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{F3535826-0A13-4232-A3EA-F767A060A767}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{196B84E2-66E6-4C13-A203-5AC89B69B0E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{07F23D0D-94E9-4ABF-8AFD-518E13771556}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{73333430-DE28-4F29-8F57-C5F6F29C59B1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{04A4B0BA-34EB-45B7-B612-7FDB4017FF09}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{D09ED657-E3D2-4A23-A15F-0811C53EE1F3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{FAE54BF3-EC40-40AB-B53E-058FDF5B8634}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{7DDBB36C-AB7F-4A86-A912-2595548C7EC3}] => (Allow) C:\Users\olesl\AppData\Local\backup_log\msiexec64.exe FirewallRules: [{65E521F9-63FE-4ADE-8F30-7DCD69D69713}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{534993AC-10F0-456F-8D93-E87E5EAC0759}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{6F6C50EC-EC22-4E94-AB9A-7059A555A65D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{BBF255E9-AB21-4355-B58E-13F9AB2B6440}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{DAADE34E-ECE0-4477-A5B8-4041F4AC039B}] => (Allow) C:\Users\olesl\AppData\Local\backup_log\msiexec64.exe FirewallRules: [{1918EC0D-9925-4939-94E5-ADE6C0D193C9}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{BE5F3D65-15D2-41FA-B6F1-049CB082C645}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{E24ADC6B-4443-43E1-8F92-CCC6AE176D20}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{646EC074-9409-44C0-B24E-50E69EA873BE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{18E7C26F-70ED-46BF-8266-A31895FFDA2A}] => (Allow) C:\Users\olesl\AppData\Local\backup_log\msiexec64.exe FirewallRules: [{B3AF5A8F-5874-4B76-9719-132377330AF5}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{1CC75642-7BFA-4BC9-92B1-650CAAFF308F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{0A890221-8F44-4406-8BAB-FB14A33C417D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{12B56270-2CD5-490A-85BC-B98845BDDB70}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{C011DDFE-2E6F-412A-B3AC-55B14BC42073}] => (Allow) C:\Users\olesl\AppData\Local\backup_log\msiexec64.exe FirewallRules: [{FD409A0F-B76A-4C61-A036-9AB8A213B2BD}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{99A06A16-C839-4042-8F33-AD86EF26CC6D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{4C27AF7A-0191-40E7-8CCA-3C2CCA859DE9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{EC757A96-F8E3-4395-818F-C96607233B33}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: LogMeIn Hamachi Virtual Ethernet Adapter Description: LogMeIn Hamachi Virtual Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: LogMeIn Inc. Service: Hamachi Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (09/24/2018 09:40:11 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-I6510HA) Description: httphttp-2147467263 Error: (09/24/2018 09:38:46 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-I6510HA) Description: httphttp-2147467263 Error: (09/24/2018 09:21:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-I6510HA) Description: httphttp-2147467263 Error: (09/24/2018 02:58:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: WsAppService.exe, wersja: 2.2.4.1, sygnatura czasowa: 0x5784a857 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.2.17134.165, sygnatura czasowa: 0xb0bb231d Kod wyjątku: 0xe053534f Przesunięcie błędu: 0x000000000003a388 Identyfikator procesu powodującego błąd: 0x%9 Godzina uruchomienia aplikacji powodującej błąd: 0xWsAppService.exe0 Ścieżka aplikacji powodującej błąd: WsAppService.exe1 Ścieżka modułu powodującego błąd: WsAppService.exe2 Identyfikator raportu: WsAppService.exe3 Pełna nazwa pakietu powodującego błąd: WsAppService.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: WsAppService.exe5 Error: (09/24/2018 02:53:09 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (09/24/2018 02:43:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: AdwCleaner.exe, wersja: 7.2.2.0, sygnatura czasowa: 0x5b87dadc Nazwa modułu powodującego błąd: AdwCleaner.exe, wersja: 7.2.2.0, sygnatura czasowa: 0x5b87dadc Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00098bfe Identyfikator procesu powodującego błąd: 0x254c Godzina uruchomienia aplikacji powodującej błąd: 0x01d45403d271e698 Ścieżka aplikacji powodującej błąd: C:\Users\olesl\Downloads\AdwCleaner.exe Ścieżka modułu powodującego błąd: C:\Users\olesl\Downloads\AdwCleaner.exe Identyfikator raportu: 76e1719a-e303-442f-b87f-6cec9205e772 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (09/24/2018 02:27:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: WsAppService.exe, wersja: 2.2.4.1, sygnatura czasowa: 0x5784a857 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.2.17134.165, sygnatura czasowa: 0xb0bb231d Kod wyjątku: 0xe053534f Przesunięcie błędu: 0x000000000003a388 Identyfikator procesu powodującego błąd: 0x%9 Godzina uruchomienia aplikacji powodującej błąd: 0xWsAppService.exe0 Ścieżka aplikacji powodującej błąd: WsAppService.exe1 Ścieżka modułu powodującego błąd: WsAppService.exe2 Identyfikator raportu: WsAppService.exe3 Pełna nazwa pakietu powodującego błąd: WsAppService.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: WsAppService.exe5 Error: (09/24/2018 02:14:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: AdwCleaner.exe, wersja: 7.2.2.0, sygnatura czasowa: 0x5b87dadc Nazwa modułu powodującego błąd: AdwCleaner.exe, wersja: 7.2.2.0, sygnatura czasowa: 0x5b87dadc Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00098bfe Identyfikator procesu powodującego błąd: 0x8ec Godzina uruchomienia aplikacji powodującej błąd: 0x01d45400080380c2 Ścieżka aplikacji powodującej błąd: C:\Users\olesl\Downloads\AdwCleaner.exe Ścieżka modułu powodującego błąd: C:\Users\olesl\Downloads\AdwCleaner.exe Identyfikator raportu: e0ca4b39-7862-43b1-9296-ca7bd8df42e8 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Dziennik System: ============= Error: (09/24/2018 09:21:01 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-I6510HA) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-I6510HA\olesl o identyfikatorze zabezpieczeń SID (S-1-5-21-2360683318-3101315901-2434765935-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (09/24/2018 09:20:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-I6510HA) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-I6510HA\olesl o identyfikatorze zabezpieczeń SID (S-1-5-21-2360683318-3101315901-2434765935-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (09/24/2018 08:41:11 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-I6510HA) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-I6510HA\olesl o identyfikatorze zabezpieczeń SID (S-1-5-21-2360683318-3101315901-2434765935-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (09/24/2018 08:37:05 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Uruchom do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscBrokerManager i identyfikatorem aplikacji APPID Niedostępny użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (09/24/2018 08:37:05 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Uruchom do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscBrokerManager i identyfikatorem aplikacji APPID Niedostępny użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (09/24/2018 03:00:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I6510HA) Description: Serwer {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/24/2018 03:00:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I6510HA) Description: Serwer {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/24/2018 03:00:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I6510HA) Description: Serwer {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} nie zarejestrował się w modelu DCOM w wymaganym czasie. Windows Defender: =================================== Date: 2018-09-13 20:41:27.236 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {FFB7D7E2-DBA8-4051-83FA-8186CE763A54} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2018-08-30 21:48:50.890 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {9CD66837-083C-4307-BE08-CA0D0FA4FEDB} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2018-08-19 21:48:09.202 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {4E47E2AA-6E53-4D63-BFB1-CCBFB191FED0} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2018-08-19 21:30:43.832 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {A23D0F95-3CC7-4F5D-BB9F-47924F62C255} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2018-08-16 15:39:27.492 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {9C8FDEE9-91D5-44A9-B18A-9E721E6CF85F} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2018-09-18 11:17:39.576 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 1.275.1425.0 Źródło aktualizacji: Serwer usługi Microsoft Update Typ podpisu: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.15200.1 Kod błędu: 0x80240016 Opis błędu: Podczas sprawdzania aktualizacji wystąpił nieoczekiwany problem. Aby uzyskać informacje na temat instalowania aktualizacji i rozwiązywania problemów z nimi, zobacz Pomoc i obsługę techniczną. Date: 2018-09-16 11:12:27.373 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 1.275.1209.0 Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem Typ podpisu: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.15200.1 Kod błędu: 0x80072ee7 Opis błędu: Nie można określić nazwy serwera lub adresu. Date: 2018-09-16 11:12:27.373 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 1.275.1209.0 Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem Typ podpisu: Oprogramowanie antyszpiegowskie Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.15200.1 Kod błędu: 0x80072ee7 Opis błędu: Nie można określić nazwy serwera lub adresu. Date: 2018-09-16 11:12:27.373 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 1.275.1209.0 Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem Typ podpisu: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.15200.1 Kod błędu: 0x80072ee7 Opis błędu: Nie można określić nazwy serwera lub adresu. Date: 2018-09-16 11:12:27.366 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 1.275.1209.0 Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem Typ podpisu: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.15200.1 Kod błędu: 0x80072ee7 Opis błędu: Nie można określić nazwy serwera lub adresu. CodeIntegrity: =================================== Date: 2018-09-24 14:57:57.895 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvlddmkm.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: AMD Phenom(tm) II X4 965 Processor Procent pamięci w użyciu: 49% Całkowita pamięć fizyczna: 6142.55 MB Dostępna pamięć fizyczna: 3090.52 MB Całkowita pamięć wirtualna: 7166.55 MB Dostępna pamięć wirtualna: 2676.34 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:77.59 GB) (Free:31.53 GB) NTFS Drive d: () (Fixed) (Total:387.63 GB) (Free:168.53 GB) NTFS \\?\Volume{a294a294-0000-0000-0000-100000000000}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS \\?\Volume{a294a294-0000-0000-0000-f06b13000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: A294A294) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=77.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=387.6 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================