Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 27-02-2022
Uruchomiony przez 48512 (06-03-2022 11:00:26)
Uruchomiony z C:\Users\48512\Documents
Microsoft Windows 10 Home Wersja 21H2 19044.1526 (X64) (2021-09-13 01:18:48)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

48512 (S-1-5-21-2913843471-1356635206-1565958684-1001 - Administrator - Enabled) => C:\Users\48512
Administrator (S-1-5-21-2913843471-1356635206-1565958684-500 - Administrator - Disabled)
Gość (S-1-5-21-2913843471-1356635206-1565958684-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-2913843471-1356635206-1565958684-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2913843471-1356635206-1565958684-504 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Total Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: ESET Zapora (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

App Explorer (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Host App Service) (Version: 0.273.4.386 - SweetLabs) <==== UWAGA
Discord (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Dynamic Application Loader Host Interface Service (HKLM\...\{A28339C8-E641-4CCE-A316-56F405D1C245}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{B0835288-9678-47F2-82E4-0946F566C34E}) (Version: 1.2.35.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{C8113C9E-3025-4DC5-89E8-71F7C080967A}) (Version: 15.0.23.0 - ESET, spol. s r.o.)
ExpressVPN (HKLM-x32\...\{878F6EB4-73BF-4A1E-9A92-6DDF9EDC8A8B}) (Version: 2.3.21096.1 - Acer)
FiveM (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Intel(R) Chipset Device Software (HKLM-x32\...\{99926fb7-5da9-4101-b79f-eec3674ca64b}) (Version: 10.1.18634.8254 - Intel(R) Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2101.15.0.2080 - Intel Corporation)
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lively Wallpaper version 1.7.4.2 (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\{E3E43E1B-DEC8-44BF-84A6-243DBA3F2CB1}}_is1) (Version: 1.7.4.2 - rocksdanister)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.30 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Teams) (Version: 1.5.00.2164 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.21 (x86) (HKLM-x32\...\{d1c9f155-e14a-4486-b545-dde658719aac}) (Version: 3.1.21.30622 - Microsoft Corporation)
MyNotes (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\MyNotes) (Version: 1.1.0J - MyNotes)
NitroSense Service (HKLM\...\{9089CCF1-ABBE-4271-A0F0-5119BF339A83}) (Version: 3.00.3008 - Acer Incorporated)
NVIDIA FrameView SDK 1.2.7321.30900954 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7321.30900954 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.0.84 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 511.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.79 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.1 - OBS Project)
OpenIV (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\OpenIV) (Version: 4.1.1502 - .black/OpenIV Team)
Opera GX Stable 83.0.4254.70 (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Opera GX 83.0.4254.70) (Version: 83.0.4254.70 - Opera Software)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Paradox Launcher v2 (HKLM\...\{A92DB5D9-A24D-4678-9F91-B4FA6D895718}) (Version: 2.0.4.0 - Paradox Interactive)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3017 - Acer Incorporated)
Quick CPU x64 (HKLM\...\{B12AC16E-C80C-4852-94DF-DF8802F9B795}) (Version: 3.6.1.0 - CoderBag)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9107.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.45.928.2020 - Realtek)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.55.661 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Spotify (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Spotify) (Version: 1.1.80.699.gc3dac750 - Spotify AB)
Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{497ED226-5E88-4EC5-9340-373B1C56906F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.30 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
VALORANT (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
WeMod (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\WeMod) (Version: 7.2.0 - WeMod)
WinRAR 6.02 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.41601.0_x64__8wekyb3d8bbwe [2021-09-15] (Microsoft Corporation)
Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-23] (Microsoft Corporation)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1024.0_x64__8j3eq9eme6ctt [2022-02-16] (INTEL CORP)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-24] (Netflix, Inc.)
NitroSense_DT_V30 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseDTV30_3.0.3008.0_x64__48frkmn4z8aw4 [2021-09-13] (Acer Incorporated)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-17] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-09-13] (Realtek Semiconductor Corp)
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj [2022-01-29] (Charles Milette) [Startup Task]

==================== Niestandardowe rejestracje CLSID (filtrowane): ==============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-2913843471-1356635206-1565958684-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\48512\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21348.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_fac18e2da6ec7b25\OptaneShellExt.dll [2020-12-16] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-01-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-01-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_fac18e2da6ec7b25\OptaneShellExt.dll [2020-12-16] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_c89fa084d6c97dba\nvshext.dll [2022-02-10] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-01-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (filtrowane) ====================

==================== Skróty & WMI ========================

==================== Załadowane moduły (filtrowane) =============

2022-01-29 13:35 - 2021-11-05 06:17 - 000939520 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\plugins\cef\CefSharp.BrowserSubprocess.Core.dll
2022-01-29 13:35 - 2021-11-05 06:18 - 001419264 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\plugins\cef\CefSharp.Core.Runtime.dll
2021-09-13 12:35 - 2022-01-27 23:05 - 126964224 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2021-09-13 12:35 - 2021-11-17 12:38 - 000384000 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-09-13 12:35 - 2021-11-17 12:38 - 008006656 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2022-01-29 13:35 - 2020-04-17 02:01 - 000244224 _____ () [Brak podpisu cyfrowego] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\MSVCP140_APP.dll
2022-01-29 13:35 - 2021-10-30 12:43 - 137802752 _____ () [Brak podpisu cyfrowego] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\plugins\cef\libcef.dll
2022-01-29 13:36 - 2021-10-30 11:24 - 000334848 _____ () [Brak podpisu cyfrowego] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\plugins\cef\libegl.dll
2022-01-29 13:36 - 2021-10-30 11:24 - 005743616 _____ () [Brak podpisu cyfrowego] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\plugins\cef\libglesv2.dll
2022-01-29 13:35 - 2020-04-17 02:01 - 000013312 _____ () [Brak podpisu cyfrowego] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\VCRUNTIME140_APP.dll
2022-01-29 13:35 - 2020-10-13 07:59 - 000179712 _____ (Dominic Jonas) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\NLogViewer.dll
2022-01-29 13:35 - 2021-02-21 23:00 - 001004544 _____ (GitHub) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\Octokit.dll
2022-01-29 13:35 - 2021-04-30 15:35 - 000056832 _____ (Linearstar) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\RawInput.Sharp.dll
2022-01-29 13:36 - 2021-02-08 01:09 - 000007680 _____ (livelySubProcess) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\plugins\subproc\livelySubProcess.dll
2022-01-29 13:35 - 2021-11-30 22:08 - 001132544 _____ (livelywpf) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\livelywpf.dll
2022-01-29 13:35 - 2021-11-30 22:08 - 000024576 _____ (livelywpf) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\pl\livelywpf.resources.dll
2022-01-29 13:35 - 2020-01-25 11:39 - 000005120 _____ (Matteo Pagani) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\DesktopBridge.Helpers.dll
2022-01-29 13:35 - 2021-03-23 17:33 - 000914944 _____ (ModernWpf) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\ModernWpf.dll
2022-01-29 13:35 - 2021-03-23 17:33 - 000007168 _____ (ModernWpf) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\pl-PL\ModernWpf.resources.dll
2022-01-29 13:35 - 2021-03-23 17:34 - 000702464 _____ (ModernWpf.Controls) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\ModernWpf.Controls.dll
2022-01-29 13:35 - 2021-10-24 23:54 - 000822272 _____ (NLog) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\NLog.dll
2021-09-13 12:35 - 2022-01-27 23:05 - 000983552 _____ (The Chromium Authors) [Brak podpisu cyfrowego] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2022-01-29 13:35 - 2021-10-30 11:29 - 000965120 _____ (The Chromium Authors) [Brak podpisu cyfrowego] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\plugins\cef\chrome_elf.dll

==================== Alternate Data Streams (filtrowane) ========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [188]
AlternateDataStreams: C:\Windows\system32\$Acer$.cmd:6015BCEB7F [10]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [188]
AlternateDataStreams: C:\Users\48512\Dane aplikacji:NT [40]
AlternateDataStreams: C:\Users\48512\Dane aplikacji:NT2 [188]
AlternateDataStreams: C:\Users\48512\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\48512\AppData\Roaming:NT2 [188]
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40]
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [188]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [188]
AlternateDataStreams: C:\ProgramData\rsEngine.config.backup:CF02139FF4 [10]
AlternateDataStreams: C:\ProgramData\sqlite3.dll:016BF53414 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\ExpressVPN.lnk:6566346E84 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk:4C32B9D343 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Planet9 Link.url:A63BF68F5C [10]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10308]

==================== Tryb awaryjny (filtrowane) ==================

==================== Powiązania plików (filtrowane) =================

==================== Internet Explorer (filtrowane) ==========

SearchScopes: HKU\S-1-5-21-2913843471-1356635206-1565958684-1001 -> ae327bf2-4483-11ec-adb6-98eecbde5fe0 URL = hxxps://yandex.ru/search/?win=515&clid=2379714-912&text={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-01-21] (Oracle America, Inc. -> Oracle Corporation)

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\hola.org -> hxxp://hola.org

==================== Hosts - zawartość: =========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2019-12-07 10:14 - 2022-01-05 21:00 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts
2021-10-15 17:11 - 2021-12-23 16:01 - 000000446 _____ C:\Windows\system32\drivers\etc\hosts.ics
2.168.137.1 DESKTOP-64JNB7A.mshome.net # 2026 10 3 14 16 13 24 6

==================== Inne obszary ===========================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\acer01.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

MSCONFIG\Services: PSSvc => 3
MSCONFIG\Services: QASvc => 3
MSCONFIG\Services: RstMwService => 2
HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\StartupApproved\Run: => "MyNotes"
HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== Reguły Zapory systemu Windows (filtrowane) ================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{97891386-81E2-48C3-AB2B-5557D28FACAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{1E367C9F-BA92-4312-8726-13B80F33D3DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{B7DDEAE1-3A71-464A-95A2-14FC37A9BDAF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Brak pliku FirewallRules: [{0885AFB7-B3B6-4DF3-A65C-82506406003A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{D160223B-1856-40E3-B061-AE9E427BA9AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{64F97128-D816-472E-9845-8E4693BFD657}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{9D10F812-75C3-4345-B545-0A453C206765}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{B1610C08-CC92-4B5C-B0AF-9310ED7B91C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{1FF48A5A-81A5-4C81-92D7-33284A5B0F28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{16CC09E5-8F7A-4AF8-BCCA-80F95866E900}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EE37D0AF-1F2A-4B3B-BCBC-93D7D21B9D53}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{313A7163-26A9-4F78-8741-AF1D6E79ADE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E3C35473-C637-49B7-8DD2-790A41A1D29F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{273855E4-8E61-491A-A4BD-71FA252A3EA7}C:\users\48512\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\48512\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{C49EDE56-8C19-43D7-BC74-8DC4DCEFF265}C:\users\48512\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\48512\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{75579143-72DF-4A3B-AD2F-DF77BFECBE90}C:\users\48512\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_271\bin\javaw.exe] => (Block) C:\users\48512\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_271\bin\javaw.exe FirewallRules: [UDP Query User{71C626C6-1C26-4ABB-B397-DE4CB8E26B67}C:\users\48512\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_271\bin\javaw.exe] => (Block) C:\users\48512\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_271\bin\javaw.exe FirewallRules: [TCP Query User{7C6A054E-27F3-42C5-9EE1-7F5C53DBAAB1}C:\users\48512\appdata\local\programs\opera gx\78.0.4093.214\opera.exe] => (Block) C:\users\48512\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Brak pliku FirewallRules: [UDP Query User{5B49A3B0-6561-4F98-A9CC-818019DECE1D}C:\users\48512\appdata\local\programs\opera gx\78.0.4093.214\opera.exe] => (Block) C:\users\48512\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Brak pliku FirewallRules: [TCP Query User{961AD955-377F-4263-8CFC-BAB07B6C937E}C:\users\48512\documents\people.playground.v1.18.1\people.playground.v1.18.1\people.playground.v1.18.1\people 
playground.exe] => (Allow) C:\users\48512\documents\people.playground.v1.18.1\people.playground.v1.18.1\people.playground.v1.18.1\people playground.exe => Brak pliku FirewallRules: [UDP Query User{5FEE5FD3-D46B-4F30-8FFC-F7C6DC4468DC}C:\users\48512\documents\people.playground.v1.18.1\people.playground.v1.18.1\people.playground.v1.18.1\people playground.exe] => (Allow) C:\users\48512\documents\people.playground.v1.18.1\people.playground.v1.18.1\people.playground.v1.18.1\people playground.exe => Brak pliku FirewallRules: [TCP Query User{BF41A6F5-F66C-47FC-8432-BB7A2E8AFA7A}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{53808D0F-1072-421E-9A66-6739445CCF49}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{33047AE8-0408-4E63-B02E-6F24796B171C}C:\users\48512\downloads\gta san andreas - narge\gta san andreas\proxy_sa.exe] => (Allow) C:\users\48512\downloads\gta san andreas - narge\gta san andreas\proxy_sa.exe => Brak pliku FirewallRules: [UDP Query User{76E5F58A-35C0-4F1B-B451-9EBF0D10727A}C:\users\48512\downloads\gta san andreas - narge\gta san andreas\proxy_sa.exe] => (Allow) C:\users\48512\downloads\gta san andreas - narge\gta san andreas\proxy_sa.exe => Brak pliku FirewallRules: [TCP Query User{CBE017C5-DBF4-43E1-A7EE-2F4E20B8DA3B}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) 
FirewallRules: [UDP Query User{0F092B0A-B4FE-420E-987B-8F24A6E324CE}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{FBD53AEA-346B-4BBE-941C-04319CC93298}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{B37489C5-E2DB-4961-8DD7-04726316C470}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{5824027B-AC47-41CF-9DB8-1943EBC4588D}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{DE2FA72E-07E0-47E2-8AD1-C41D248B87F6}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [TCP Query User{C8406A8C-24EF-46D7-BA2B-5913ADEB5C09}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{9C38C83F-59BF-40D8-9B3E-C4E117DFBF0E}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [TCP Query 
User{33A5CDF4-5FAF-48EE-A4E9-57250AADE28F}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{D7D483FB-AE92-4A12-9D57-72EC04BEA3BD}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [TCP Query User{1D4C98DC-B73F-490B-B608-75A34A693140}C:\users\48512\appdata\roaming\crystal-launcher\runtimes\nx\16.0.1-windows64\jdk-16.0.1\bin\javaw.exe] => (Allow) C:\users\48512\appdata\roaming\crystal-launcher\runtimes\nx\16.0.1-windows64\jdk-16.0.1\bin\javaw.exe FirewallRules: [UDP Query User{7A04D01A-09F1-4F12-9066-DA80D7458505}C:\users\48512\appdata\roaming\crystal-launcher\runtimes\nx\16.0.1-windows64\jdk-16.0.1\bin\javaw.exe] => (Allow) C:\users\48512\appdata\roaming\crystal-launcher\runtimes\nx\16.0.1-windows64\jdk-16.0.1\bin\javaw.exe FirewallRules: [TCP Query User{465C6259-529B-49CF-962D-74379083BEA8}C:\users\48512\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\48512\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{FF6DEC8F-FE66-45DC-8E56-DA862E56BAE0}C:\users\48512\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\48512\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{EE25D342-D7BB-4F8C-B4E2-2A05A4EFB448}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query 
User{BF53C12B-E1EA-4245-AB18-8929BC1332DB}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [TCP Query User{1F322CA7-703D-4472-BF0C-5A21A6A4FFC4}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{4FF8E1A1-6B33-4839-9C84-B3B02B85E18A}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [TCP Query User{2D1DE2A6-8A27-4E15-8779-A05434965C81}C:\users\48512\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\48512\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{37102340-7972-45C7-97F6-136E50F445DA}C:\users\48512\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\48512\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{A60BB691-BA03-4F4D-9F5C-547AF3A3930B}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{C7DD3118-4A15-45FC-A1E1-589D611FE7EF}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) 
FirewallRules: [TCP Query User{384A56E0-1FFF-4AC9-A609-E75C45D0CE92}C:\users\48512\documents\people.playground.v1.18.1\people.playground.v1.18.1\people.playground.v1.18.1\people playground.exe] => (Block) C:\users\48512\documents\people.playground.v1.18.1\people.playground.v1.18.1\people.playground.v1.18.1\people playground.exe => Brak pliku
FirewallRules: [UDP Query User{05C0D02C-C922-49BC-A610-CB9BE7531E76}C:\users\48512\documents\people.playground.v1.18.1\people.playground.v1.18.1\people.playground.v1.18.1\people playground.exe] => (Block) C:\users\48512\documents\people.playground.v1.18.1\people.playground.v1.18.1\people.playground.v1.18.1\people playground.exe => Brak pliku
FirewallRules: [TCP Query User{09C35199-39D0-4029-8532-EF7324B256E6}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{D382BFAE-78D3-4C56-88EF-9581825C3BEE}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{3D433CBF-A484-4AF2-900D-48D3FB66D919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Brak podpisu cyfrowego]
FirewallRules: [{C56A9611-E76F-4EE0-BA26-7FB1533150BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{5ABE8D1C-A044-45F5-937F-27A789BD61C3}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{8AD0A1CF-5C31-4A9A-A55E-7DA17F09375D}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{0028E4B5-5E38-4588-9B76-054FD612FE2E}C:\users\48512\desktop\teardown.v0.8.0\teardown.v0.8.0\teardown.exe] => (Allow) C:\users\48512\desktop\teardown.v0.8.0\teardown.v0.8.0\teardown.exe => Brak pliku
FirewallRules: [UDP Query User{819E2310-4978-4650-912A-B2CD93AB5507}C:\users\48512\desktop\teardown.v0.8.0\teardown.v0.8.0\teardown.exe] => (Allow) C:\users\48512\desktop\teardown.v0.8.0\teardown.v0.8.0\teardown.exe => Brak pliku
FirewallRules: [{3A583E98-1FAE-4046-850C-298FC5A15443}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{00D786BC-B751-4472-8EF4-440D84EB6F20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{7493B652-32F6-4104-9F22-1A8CE18B3EE7}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => Brak pliku
FirewallRules: [UDP Query User{9A0D4718-E99F-407F-94D8-1AE4B01A3097}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => Brak pliku
FirewallRules: [TCP Query User{99AF2F71-C9C7-4F53-A951-751B1166B2A7}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => Brak pliku
FirewallRules: [UDP Query User{D609314E-111E-42A4-9F0B-D6B8FAFD33A4}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => Brak pliku
FirewallRules: [TCP Query User{33021DE7-6F1E-4521-A6C1-5A07EFEE51FB}C:\users\48512\appdata\roaming\crystal-launcher\runtimes\nx\17.0.1-windows64\jdk-17.0.1+12\bin\javaw.exe] => (Allow) C:\users\48512\appdata\roaming\crystal-launcher\runtimes\nx\17.0.1-windows64\jdk-17.0.1+12\bin\javaw.exe
FirewallRules: [UDP Query User{7B75D658-B9E0-47BA-97AC-FE1BCFFEE513}C:\users\48512\appdata\roaming\crystal-launcher\runtimes\nx\17.0.1-windows64\jdk-17.0.1+12\bin\javaw.exe] => (Allow) C:\users\48512\appdata\roaming\crystal-launcher\runtimes\nx\17.0.1-windows64\jdk-17.0.1+12\bin\javaw.exe
FirewallRules: [TCP Query User{C68038C5-53F4-42B4-A4C3-23E1FD96359B}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => Brak pliku
FirewallRules: [UDP Query User{CEE6EE85-A9B3-4F98-8390-31DD12ED7D89}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => Brak pliku
FirewallRules: [{F73D05E0-FD7C-4177-8CC2-5420AED787B6}] => (Allow) C:\Users\48512\AppData\Local\Programs\Opera\82.0.4227.32\opera.exe => Brak pliku
FirewallRules: [{6455B142-F3A6-4704-BE0F-6869FAA6DB74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\People Playground\People Playground.exe () [Brak podpisu cyfrowego]
FirewallRules: [{A21CAD6D-C457-4B3C-87D9-3CE98C48A4DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\People Playground\People Playground.exe () [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{FD0D6E96-43D1-468C-BEA5-49E08E276566}C:\users\48512\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\48512\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{41026F9A-6861-40C7-B2C4-E527BAE82F46}C:\users\48512\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\48512\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{000C11C3-75D1-4836-8F54-B937EBA6498D}C:\users\48512\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\48512\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{2E38D50E-45E5-48A8-9E3B-2FD5509A6C53}C:\users\48512\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\48512\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{A5DCDF71-B11B-422E-9222-995B1173B994}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => Brak pliku
FirewallRules: [UDP Query User{EB704B94-B801-48A2-A6BD-3074ED0027AB}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => Brak pliku
FirewallRules: [TCP Query User{DA92C690-FF3A-4E8E-BFAA-2EC094375C4C}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => Brak pliku
FirewallRules: [UDP Query User{83B58848-ADFD-46B0-9506-1DCE28FF00E2}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => Brak pliku
FirewallRules: [TCP Query User{27B51DB0-CC83-4A36-AC96-96E2E86924BE}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => Brak pliku
FirewallRules: [UDP Query User{71794AC6-1221-4457-B0E9-F78D51FDE95D}C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\48512\documents\gaming\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => Brak pliku
FirewallRules: [TCP Query User{D36AA5E2-A3D9-46E2-A7AD-C939C33F3801}C:\users\48512\appdata\local\temp\scoped_dir4796_109758267\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\temp\scoped_dir4796_109758267\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => Brak pliku
FirewallRules: [UDP Query User{61235C8C-F8BA-412C-BA80-43B0A2ABCBA6}C:\users\48512\appdata\local\temp\scoped_dir4796_109758267\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\temp\scoped_dir4796_109758267\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => Brak pliku
FirewallRules: [TCP Query User{6F00E3D7-E511-4A29-BCFA-A41CD52BF931}C:\windows\bfsvc.exe] => (Block) C:\windows\bfsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{91C2F406-65B6-4FBB-A72D-8C1541DCA0DE}C:\windows\bfsvc.exe] => (Block) C:\windows\bfsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3D197A27-4175-4A2F-B641-181165607494}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [Brak podpisu cyfrowego]
FirewallRules: [{8798BF89-C131-4724-8DC6-4B264FEFB6C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{13D6A39C-F09A-4FB3-9EAE-7546F7EE377B}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{BD185829-20E8-46AD-B2A7-562CC3088C25}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{44F3AB77-A950-4700-B086-480DE7707B4F}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Block) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{7BD30E21-95F9-4B86-AB92-13E778760480}C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Block) C:\users\48512\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{4524CB1D-733B-400A-8DA9-3907BF167E80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{780CA101-8B5E-4275-8CD2-B02B7B84CB69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{27A7CB37-FBEC-45F1-AE4D-321320B4C480}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5D953A21-D4E7-4376-AF0D-545FA8917B06}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{4B25C981-50B2-4664-A3DE-EE1952D89740}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D8EBF8D1-5CA0-4799-A30E-FA266B9C2C50}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F135232E-1741-4483-9DEE-22A7ED6FAB18}C:\users\48512\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\48512\appdata\local\discord\app-1.0.9004\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{E9FFAB8D-2D3D-446F-B0A7-2CE6AC2D7070}C:\users\48512\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\48512\appdata\local\discord\app-1.0.9004\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{6B6D6D0C-ECB0-4D7E-8A8C-DD59DEDBA708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe (Traveller's Tales (UK) Ltd) [Brak podpisu cyfrowego]
FirewallRules: [{2B6EAAFD-3B4B-4D82-B161-9DA62D4CB9BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe (Traveller's Tales (UK) Ltd) [Brak podpisu cyfrowego]
FirewallRules: [{C4BE3777-EFD0-44E1-B6E1-D759D92FEB00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe () [Brak podpisu cyfrowego]
FirewallRules: [{BEAA73B0-5D81-41BA-B9D7-114F8B4736CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe () [Brak podpisu cyfrowego]
FirewallRules: [{5797649A-1B79-430F-A238-D5C4EB41B6A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe () [Brak podpisu cyfrowego]
FirewallRules: [{D6B4FF4A-20C4-4F73-B250-2441FDC3EB68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe () [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{8484A93F-090C-47B0-8562-E4761355A497}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{127D4C91-DD28-43D5-9B5E-E3EAC6B74FDF}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{C1037574-1E2E-4A0C-93A5-60270FD3705F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.30\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Punkty Przywracania systemu =========================

26-02-2022 22:47:55 Instalator modułów systemu Windows

==================== Wadliwe urządzenia w Menedżerze urządzeń ============

==================== Błędy w Dzienniku zdarzeń: ========================

Dziennik Aplikacja:
==================
Error: (03/05/2022 01:57:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. .

Error: (03/05/2022 01:57:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ]

Error: (03/02/2022 04:04:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: vgtray.exe, wersja: 1.11.2.112, sygnatura czasowa: 0x61a58fcf
Nazwa modułu powodującego błąd: vgtray.exe, wersja: 1.11.2.112, sygnatura czasowa: 0x61a58fcf
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000000000072af4
Identyfikator procesu powodującego błąd: 0x233c
Godzina uruchomienia aplikacji powodującej błąd: 0x01d82e391ca74e6c
Ścieżka aplikacji powodującej błąd: C:\Program Files\Riot Vanguard\vgtray.exe
Ścieżka modułu powodującego błąd: C:\Program Files\Riot Vanguard\vgtray.exe
Identyfikator raportu: 5d2476dd-f3fc-4dda-9638-fbbabd653c49
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (02/27/2022 02:49:13 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (02/27/2022 02:49:13 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (02/27/2022 02:49:13 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (02/27/2022 02:05:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: LegendWare.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x5feb09fc
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.19041.1466, sygnatura czasowa: 0x9012d056
Kod wyjątku: 0xc0000374
Przesunięcie błędu: 0x000e6c43
Identyfikator procesu powodującego błąd: 0x2814
Godzina uruchomienia aplikacji powodującej błąd: 0x01d82bda9ba0ff91
Ścieżka aplikacji powodującej błąd: C:\Users\48512\Desktop\LegendWare.exe
Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll
Identyfikator raportu: 309e7553-8f83-4b50-ba4b-1c92e6a882e1
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (02/27/2022 02:05:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: csgo.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x61b3b629
Nazwa modułu powodującego błąd: legendware.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x5fe607bf
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00001196
Identyfikator procesu powodującego błąd: 0x21a8
Godzina uruchomienia aplikacji powodującej błąd: 0x01d82bdaa74c3a19
Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Ścieżka modułu powodującego błąd: C:\F Loader\legendware.dll
Identyfikator raportu: 6978dedb-5f6f-47bd-ac72-60df0e0b77f3
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Dziennik System:
=============
Error: (03/06/2022 10:04:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi SecurityServiceMonitor z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (03/06/2022 10:04:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi SecurityService z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (03/06/2022 10:04:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi hola_svc z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (03/06/2022 10:04:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi hola_updater z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (03/06/2022 10:04:26 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (03/05/2022 08:57:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi SecurityServiceMonitor z powodu następującego błędu: Nie można odnaleźć określonego pliku.
Error: (03/05/2022 08:57:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi SecurityService z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (03/05/2022 08:57:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi hola_updater z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Windows Defender:
================
Date: 2022-01-06 22:04:31
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperSrvDisableAV.H&threatid=2147785083&enterprise=0
Nazwa: Trojan:Win32/MpTamperSrvDisableAV.H
Identyfikator: 2147785083
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: CmdLine:_C:\Users\48512\AppData\Local\Temp\AdvancedRun.exe /EXEFilename C:\Windows\System32\sc.exe /WindowState 0 /CommandLine stop WinDefend /StartDirectory /RunAs 8 /Run
Pochodzenie wykrycia: Nieznane
Typ wykrycia: Konkretne
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja analizy zabezpieczeń: AV: 1.355.1499.0, AS: 1.355.1499.0, NIS: 0.0.0.0
Wersja aparatu: AM: 1.1.18800.4, NIS: 0.0.0.0

Date: 2022-01-06 22:02:31
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperSrvDisableAV.H&threatid=2147785083&enterprise=0
Nazwa: Trojan:Win32/MpTamperSrvDisableAV.H
Identyfikator: 2147785083
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: CmdLine:_C:\Users\48512\AppData\Local\Temp\AdvancedRun.exe /EXEFilename C:\Windows\System32\sc.exe /WindowState 0 /CommandLine stop WinDefend /StartDirectory /RunAs 8 /Run
Pochodzenie wykrycia: Nieznane
Typ wykrycia: Konkretne
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja analizy zabezpieczeń: AV: 1.355.1499.0, AS: 1.355.1499.0, NIS: 0.0.0.0
Wersja aparatu: AM: 1.1.18800.4, NIS: 0.0.0.0

Date: 2022-01-06 21:57:54
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperSrvDisableAV.H&threatid=2147785083&enterprise=0
Nazwa: Trojan:Win32/MpTamperSrvDisableAV.H
Identyfikator: 2147785083
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: CmdLine:_C:\Users\48512\AppData\Local\Temp\AdvancedRun.exe /EXEFilename C:\Windows\System32\sc.exe /WindowState 0 /CommandLine stop WinDefend /StartDirectory /RunAs 8 /Run
Pochodzenie wykrycia: Nieznane
Typ wykrycia: Konkretne
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja analizy zabezpieczeń: AV: 1.355.1499.0, AS: 1.355.1499.0, NIS: 0.0.0.0
Wersja aparatu: AM: 1.1.18800.4, NIS: 0.0.0.0

Date: 2022-01-06 21:55:16
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperSrvDisableAV.H&threatid=2147785083&enterprise=0
Nazwa: Trojan:Win32/MpTamperSrvDisableAV.H
Identyfikator: 2147785083
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: CmdLine:_C:\Users\48512\AppData\Local\Temp\AdvancedRun.exe /EXEFilename C:\Windows\System32\sc.exe /WindowState 0 /CommandLine stop WinDefend /StartDirectory /RunAs 8 /Run
Pochodzenie wykrycia: Nieznane
Typ wykrycia: Konkretne
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja analizy zabezpieczeń: AV: 1.355.1499.0, AS: 1.355.1499.0, NIS: 0.0.0.0
Wersja aparatu: AM: 1.1.18800.4, NIS: 0.0.0.0

Date: 2022-01-06 21:53:16
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperSrvDisableAV.H&threatid=2147785083&enterprise=0
Nazwa: Trojan:Win32/MpTamperSrvDisableAV.H
Identyfikator: 2147785083
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: CmdLine:_C:\Users\48512\AppData\Local\Temp\AdvancedRun.exe /EXEFilename C:\Windows\System32\sc.exe /WindowState 0 /CommandLine stop WinDefend /StartDirectory /RunAs 8 /Run
Pochodzenie wykrycia: Nieznane
Typ wykrycia: Konkretne
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja analizy zabezpieczeń: AV: 1.355.1499.0, AS: 1.355.1499.0, NIS: 0.0.0.0
Wersja aparatu: AM: 1.1.18800.4, NIS: 0.0.0.0

CodeIntegrity:
===============
Date: 2022-03-06 10:06:31
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Statystyki pamięci ===========================

BIOS: American Megatrends Inc. R01-A1 03/18/2021
Płyta główna: Acer Nitro N50-620
Procesor: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Procent pamięci w użyciu: 39%
Całkowita pamięć fizyczna: 16237.43 MB
Dostępna pamięć fizyczna: 9814.75 MB
Całkowita pamięć wirtualna: 22125.43 MB
Dostępna pamięć wirtualna: 13229.46 MB

==================== Dyski ================================

Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:79.49 GB) NTFS

\\?\Volume{940654eb-ee07-479d-8bc4-e59d994ca451}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.5 GB) NTFS
\\?\Volume{1565717c-2be4-4caf-9d1b-0af554a3d0ac}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 57579177)

Partition: GPT.

==================== Koniec Addition.txt =======================