Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-06-2022 Uruchomiony przez Marcin (administrator) MARCIN (Gigabyte Technology Co., Ltd. B450M DS3H) (14-06-2022 21:43:08) Uruchomiony z D:\Pobieranie Załadowane profile: Marcin Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.1706 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7779\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) I:\GRY\Diablo III\Battle.net\Battle.net.exe <3> (C:\Games\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\Games\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3> (C:\Games\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\Games\Wargaming.net\GameCenter\WargamingErrorMonitor.exe (C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (C:\Program Files\Mozilla Firefox\firefox.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe ->) (Nvidia Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\nvrla.exe (C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe ->) (Nvidia Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\PresentMon_x64.exe <2> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Users\Marcin\AppData\Local\Temp\24qrrXHyyao7PIDSMXbgocvqIlv\services.exe ->) () [Brak podpisu cyfrowego] C:\Users\Marcin\AppData\Roaming\.dllbackups\data\modules\dll-host\downloads\phoenix\Antimalware Service Executable.exe (C:\Users\Marcin\AppData\Local\WebEx\ciscowebexstart.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Marcin\AppData\Local\WebEx\WebEx\Meetings\atmgr.exe (C:\Users\Marcin\AppData\Roaming\.dllbackups\dllruntime.exe ->) (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Users\Marcin\AppData\Local\Temp\24qrrXHyyao7PIDSMXbgocvqIlv\services.exe <4> (C:\Users\Marcin\AppData\Roaming\.dllbackups\dllservices.exe ->) (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Users\Marcin\AppData\Local\Temp\1whF1RvNiobFJYw30GkgcYkKrao\dllservices.exe <3> (explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Marcin\AppData\Local\WebEx\ciscowebexstart.exe (explorer.exe ->) (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\Marcin\AppData\Roaming\.dllbackups\dllruntime.exe (explorer.exe ->) (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\Marcin\AppData\Roaming\.dllbackups\dllservices.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (explorer.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\Games\Wargaming.net\GameCenter\wgc.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD.) [Brak podpisu cyfrowego] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <31> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe <26> (services.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe (services.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Kinoni\EpocCam\KinoniSvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.0.1.1462\AdskLicensingService\AdskLicensingService.exe (services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe (services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe (services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe (services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe (services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_647b4244e991951b\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (svchost.exe ->) (EVGA Corp. -> EVGA Co., Ltd.) C:\Program Files\EVGA\Precision X1\PrecisionX_x64.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare) HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-2114928705-1177048781-237462739-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2114928705-1177048781-237462739-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3137808 2020-01-16] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-2114928705-1177048781-237462739-1001\...\Run: [Battle.net] => I:\GRY\Diablo III\Battle.net\Battle.net.exe [1088456 2022-06-13] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) HKU\S-1-5-21-2114928705-1177048781-237462739-1001\...\Run: [Napisy24Update] => C:\Program Files\Napisy24\Napisy24Update.exe [3990528 2018-02-02] (Napisy24.pl) [Brak podpisu cyfrowego] HKU\S-1-5-21-2114928705-1177048781-237462739-1001\...\Run: [Discord] => C:\Users\Marcin\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub) HKU\S-1-5-21-2114928705-1177048781-237462739-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Marcin\AppData\Local\WebEx\ciscowebexstart.exe [4713296 2022-02-16] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-2114928705-1177048781-237462739-1001\...\Run: [electron.app.dllservices] => C:\Users\Marcin\AppData\Roaming\.dllbackups\dllservices.exe [63101989 2022-05-26] (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] HKU\S-1-5-21-2114928705-1177048781-237462739-1001\...\Run: [electron.app.services] => C:\Users\Marcin\AppData\Roaming\.dllbackups\dllruntime.exe [63160117 2022-05-26] (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] HKU\S-1-5-21-2114928705-1177048781-237462739-1001\...\Run: [Wargaming.net Game Center] => C:\Games\Wargaming.net\GameCenter\wgc.exe [2153008 2022-06-08] (Wargaming.net Limited -> Wargaming.net) HKU\S-1-5-21-2114928705-1177048781-237462739-1001\...\Run: [MicrosoftEdgeAutoLaunch_CD25C50A2248AF7292B6599F50C8310A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-09] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2114928705-1177048781-237462739-1001\...\Policies\Explorer: [] HKU\S-1-5-21-2114928705-1177048781-237462739-500\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Administrator\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-03-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-2114928705-1177048781-237462739-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-09] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-11] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01218F67-F17E-4DA3-A3B1-0FF193A57098} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation) Task: {05695437-8637-47CB-BBFF-17B069D44976} - System32\Tasks\GoogleUpdateTaskMachineUA1d6a30895bb6326 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-23] (Google Inc -> Google Inc.) Task: {088947BB-877D-46DB-8F62-CC46E003866C} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [245760 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Brak podpisu cyfrowego] Task: {0D2F7414-A960-4305-B46E-FCEAD8D05CCE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd) Task: {10D5196E-3BDE-498F-9CCE-1E22506B5CEC} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation) Task: {2139B8AF-3394-45E0-92C0-33B3D690286C} - System32\Tasks\e-pity2017_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe notify 2 30.04.2019 (Brak pliku) Task: {21D4CDDE-A603-44E6-84C0-D505EDC8723D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation) Task: {22147BA0-BFE4-4A48-8091-E6D23C7D6C8A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [431616 2022-05-13] (Microsoft Windows -> Microsoft Corporation) Task: {23A9899C-0978-4D75-B4DD-7859BE3D1DDA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {2E882937-7674-4BB9-860C-87735D5D5BF3} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [227328 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Brak podpisu cyfrowego] Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Brak pliku) Task: {3E7ED02B-C783-4D27-B269-96A210A07804} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {3EE371E2-6855-4CE5-894E-85A3A960E503} - System32\Tasks\e-pity2017_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe notify 1 31.01.2019 (Brak pliku) Task: {40DFCF0A-1CAE-434B-8DB3-69680AF65CB6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {4B5C5FD9-31F9-477D-9A0B-2B188E3463C1} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation) Task: {503E96D9-54E1-48F8-84BE-B2A9B7166D1C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {663988AD-D744-419B-98BC-4F991BF9A21D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-23] (Google Inc -> Google Inc.) Task: {67173ED6-BB1C-474A-88AB-F2715330530D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {687483F2-3CEF-4A5F-9977-C7FC7DEB9F11} - System32\Tasks\GoogleUpdateTaskMachineCore1d6a30895b8079b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-23] (Google Inc -> Google Inc.) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {73477198-D746-4F1F-A221-36A54F22C6A0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation) Task: {7473769E-3F23-450D-B997-4967879138DC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7AAA9567-FFD4-4A58-8BB6-DA3C18F6B4F5} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> ) Task: {7E40CBAA-AD12-4D4B-BDAF-32B5437B9F8E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {8AB36CD0-9172-405B-BA75-1BAED8F35523} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {8ABA00D0-3E5C-46A7-A837-E200EDA3AC99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-23] (Google Inc -> Google Inc.) Task: {8C0F405E-2363-4C76-A7CB-566E80C8D6CF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {91E126C8-8444-4E85-AC01-F3771A1528E0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {95C66060-DC0E-4323-905C-477638ADABD9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {9C850C40-2F90-48DF-85C7-B8D698ABAA65} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation) Task: {9F3E9D2A-1650-4192-88F9-2A98132A10AE} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [431616 2022-05-13] (Microsoft Windows -> Microsoft Corporation) Task: {AF74FE32-9314-478B-9245-14D7D0425306} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation) Task: {AFC0768F-5300-4182-AEBC-A3F02F464EEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C178426B-BFAB-48A3-BC37-D26E39FDA7EB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd) Task: {C24A3520-1445-45E7-9E94-54C50FF0CED1} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {C67C74EF-86F0-43A0-9BE5-9A6F2567DFB3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation) Task: {CB45053E-6A89-4C36-8D31-18A016CB831C} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [254176 2020-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {CF3950F9-037D-40D6-8BB6-12E984ED58C3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {D217778B-39DF-441C-898A-E8DE31FF290E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation) Task: {D4B0A356-69C2-4F76-AD79-90E22D7F6C47} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E0DC4672-4837-4DA4-A5FA-883B0085BFA9} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [426208 2020-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {E62959DA-44ED-4A09-8E7B-E80393DC6403} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation) Task: {EB932CDA-D305-44EA-8385-53B1DC41378B} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\B8422388-87A0-430F-AC01-BDFB68FD6CCE\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation) Task: {F9B9C191-E40F-4187-9141-734E9A57C049} - System32\Tasks\BlueStacksHelper => D:\GRY\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {FE184BE2-585E-4568-A62C-E10192865900} - System32\Tasks\EVGAPrecisionX => C:\Program Files\EVGA\Precision X1\PrecisionX_x64.exe [27903112 2021-12-17] (EVGA Corp. -> EVGA Co., Ltd.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.18.1 Tcpip\..\Interfaces\{1b514ee5-53cb-4b32-ad8f-7aecce72290b}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{61378D0C-7115-4ABE-9CFE-5CE968761848}: [DhcpNameServer] 192.168.18.1 Tcpip\..\Interfaces\{d1b7f621-41c2-439b-adcd-b8f2670a9651}: [DhcpNameServer] 192.168.18.1 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\Marcin\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-14] Edge Profile: C:\Users\Marcin\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-24] Edge HKU\S-1-5-21-2114928705-1177048781-237462739-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx FireFox: ======== FF DefaultProfile: quytvwq5.default FF ProfilePath: C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\quytvwq5.default [2022-06-14] FF DownloadDir: D:\Pobieranie FF Homepage: Mozilla\Firefox\Profiles\quytvwq5.default -> hxxp://www.google.pl/ FF Notifications: Mozilla\Firefox\Profiles\quytvwq5.default -> hxxps://forum.android.com.pl; hxxps://rapids.pl; hxxps://key-drop.pl; hxxps://teams.microsoft.com FF Extension: (MyJDownloader Browser Extension) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\quytvwq5.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-24] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json] FF Extension: (LastPass: Free Password Manager) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\quytvwq5.default\Extensions\support@lastpass.com.xpi [2022-06-11] FF Extension: (Password Exporter) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\quytvwq5.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2018-01-17] [Przestarzałe] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\quytvwq5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-05-31] FF HKLM-x32\...\Firefox\Extensions: [litmus-ff@f-secure.com] - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com => nie znaleziono FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Brak pliku] FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Brak podpisu cyfrowego] FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-20] (Oracle America, Inc. -> Oracle Corporation) Chrome: ======= CHR DefaultProfile: Guest Profile CHR Profile: C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default [2022-05-27] CHR Extension: (Dokumenty) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-23] CHR Extension: (Dysk Google) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-23] CHR Extension: (YouTube) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-23] CHR Extension: (Dokumenty Google offline) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23] CHR Extension: (IDM Integration Module) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-11-13] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-13] CHR Extension: (e-pity - dodatek) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2019-11-13] CHR Extension: (Gmail) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-18] CHR Extension: (Chrome Media Router) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-13] CHR Profile: C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-22] CHR Profile: C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-22] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.) R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16939312 2019-01-09] (Autodesk, Inc. -> Autodesk) S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> ) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-12-07] (BattlEye Innovations e.K. -> ) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [42632 2020-04-15] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-02-14] (EasyAntiCheat Oy -> Epic Games, Inc) R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [143072 2019-12-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R2 EBC Client; C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe [95880 2020-04-16] (CHENGDU YIWO Tech Development Co., Ltd. -> ) S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [19329296 2021-01-17] (FACE IT LIMITED -> ) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [343808 2022-05-12] (FUTUREMARK INC -> Futuremark) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2021-12-22] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-12-22] (GOG Sp. z o.o. -> GOG.com) R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128736 2020-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam\KinoniSvc.exe [748544 2020-04-18] () [Brak podpisu cyfrowego] S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [18534552 2020-01-01] (Mail.Ru LLC -> LLC Mail.Ru) R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Brak podpisu cyfrowego] S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [119808 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Brak podpisu cyfrowego] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2020-01-16] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3393848 2020-01-16] (Electronic Arts, Inc. -> Electronic Arts) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2018-10-06] (Even Balance, Inc. -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254856 2022-05-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 SmrtService; C:\ProgramData\SmartGuard\bdo\smrt3d\beta\Data\49d8d3d8ae81da8b500315ae0f7c9824958a7e01\smrtsvc64.exe [6432096 2018-11-12] (Eikonect Software SL -> ) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216272 2020-03-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_647b4244e991951b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_647b4244e991951b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-11-01] (Bluestack Systems, Inc. -> Bluestack System Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 Driver; C:\Program Files\EVGA\Precision X1\driver-x64.sys [39856 2020-07-23] (EVGA Corp. -> ) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73448 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53504 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> ) R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [85424 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [12150704 2021-01-17] (FACE IT LIMITED -> ) R3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2020-05-05] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [41480 2022-01-16] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.) S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2020-01-01] (Mail.Ru LLC -> LLC Mail.Ru) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2021-06-21] (Windscribe Limited -> The OpenVPN Project) S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation) S3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2021-06-21] (Windscribe Limited -> WireGuard LLC) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-14 21:42 - 2022-06-14 21:43 - 000000000 ____D C:\FRST 2022-06-14 21:40 - 2022-06-14 21:40 - 000001927 _____ C:\Users\Marcin\Desktop\fixlist.txt.txt 2022-06-14 21:23 - 2022-06-14 21:23 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Netease 2022-06-14 21:23 - 2022-06-14 21:23 - 000000000 ____D C:\Users\Marcin\AppData\Local\UniSDK 2022-06-14 21:23 - 2022-06-14 21:23 - 000000000 ____D C:\Users\Marcin\AppData\Local\Netease 2022-06-11 21:30 - 2022-06-11 21:30 - 000001957 _____ C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Konto służbowe lub szkolne.lnk 2022-06-09 21:22 - 2022-06-09 21:22 - 000000000 ____D C:\Users\Public\Documents\EMPRESS 2022-06-09 21:22 - 2022-06-09 21:22 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Goldberg UplayEmu Saves 2022-06-09 20:12 - 2019-11-25 16:12 - 001160488 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys 2022-06-09 18:58 - 2022-06-09 20:15 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net 2022-06-09 18:58 - 2022-06-09 18:58 - 000001840 _____ C:\Users\Marcin\Desktop\Game Center.lnk 2022-06-09 18:57 - 2022-06-09 18:57 - 000000000 ____D C:\ProgramData\Wargaming.net 2022-06-09 17:56 - 2022-06-11 21:30 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-06-08 20:05 - 2022-06-14 21:28 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\uTorrent 2022-06-08 20:05 - 2022-06-08 20:05 - 000000941 _____ C:\Users\Marcin\Desktop\µTorrent.lnk 2022-06-08 20:05 - 2022-06-08 20:05 - 000000921 _____ C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2022-06-07 17:20 - 2022-06-07 17:20 - 000000000 ____D C:\Users\Public\Documents\AdobeGCInfo 2022-06-02 18:25 - 2022-06-02 18:29 - 065593404 _____ C:\Users\Marcin\Documents\teco.pdf 2022-05-31 21:55 - 2022-05-31 22:22 - 000000000 ____D C:\Users\Marcin\AppData\Local\PingPlotter 5 2022-05-31 21:55 - 2022-05-31 21:55 - 000000000 ____D C:\ProgramData\PingPlotter 5 2022-05-31 21:55 - 2022-05-31 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter 5 2022-05-31 21:55 - 2022-05-31 21:55 - 000000000 ____D C:\Program Files (x86)\PingPlotter 5 2022-05-31 21:54 - 2022-05-31 21:54 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Downloaded Installations 2022-05-31 21:28 - 2022-05-31 21:28 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\AMD 2022-05-31 21:02 - 2022-05-31 21:02 - 016777216 _____ C:\bios.bin 2022-05-31 20:09 - 2022-05-31 20:09 - 000020060 _____ C:\Users\Marcin\Documents\cc_20220531_200930.reg 2022-05-30 18:41 - 2022-05-30 18:41 - 000000000 ____D C:\Users\Marcin\AppData\Local\UL 2022-05-30 18:41 - 2022-05-30 18:41 - 000000000 ____D C:\ProgramData\UL 2022-05-30 18:41 - 2022-05-30 18:41 - 000000000 ____D C:\Program Files (x86)\Futuremark 2022-05-30 18:39 - 2022-05-30 18:39 - 000000222 _____ C:\Users\Marcin\Desktop\3DMark Demo.url 2022-05-30 07:16 - 2022-05-30 07:16 - 000000048 ____H C:\Program Files (x86)\ymnqli4pw8.dat 2022-05-29 21:13 - 2022-05-21 05:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-05-29 21:13 - 2022-05-21 05:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-05-29 21:13 - 2022-05-21 05:26 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-05-29 21:13 - 2022-05-21 05:26 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-05-29 21:13 - 2022-05-21 05:26 - 001467080 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-05-29 21:13 - 2022-05-21 05:26 - 001432304 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-05-29 21:13 - 2022-05-21 05:26 - 001432304 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-05-29 21:13 - 2022-05-21 05:26 - 001209408 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-05-29 21:13 - 2022-05-21 05:26 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-05-29 21:13 - 2022-05-21 05:26 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-05-29 21:13 - 2022-05-21 05:23 - 000587336 _____ C:\WINDOWS\system32\nvofapi64.dll 2022-05-29 21:13 - 2022-05-21 05:23 - 000460496 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2022-05-29 21:13 - 2022-05-21 05:22 - 002120896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2022-05-29 21:13 - 2022-05-21 05:22 - 001603144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2022-05-29 21:13 - 2022-05-21 05:22 - 001530456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2022-05-29 21:13 - 2022-05-21 05:22 - 001177312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2022-05-29 21:13 - 2022-05-21 05:22 - 000730320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2022-05-29 21:13 - 2022-05-21 05:22 - 000724688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2022-05-29 21:13 - 2022-05-21 05:22 - 000712416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2022-05-29 21:13 - 2022-05-21 05:21 - 006964824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2022-05-29 21:13 - 2022-05-21 05:21 - 006226640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2022-05-29 21:13 - 2022-05-21 05:21 - 005100752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2022-05-29 21:13 - 2022-05-21 05:21 - 002932952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2022-05-29 21:13 - 2022-05-21 05:21 - 000582712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2022-05-29 21:13 - 2022-05-21 05:21 - 000457944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2022-05-29 21:13 - 2022-05-21 05:20 - 005730880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2022-05-29 21:13 - 2022-05-20 02:51 - 000089337 _____ C:\WINDOWS\system32\nvinfo.pb 2022-05-29 21:12 - 2022-05-21 05:19 - 000851136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2022-05-28 21:01 - 2022-05-28 21:01 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Ookla 2022-05-27 19:12 - 2022-06-14 21:36 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\dll-propagation 2022-05-26 21:31 - 2022-05-26 21:31 - 000001475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Advanced PDF Editor.lnk 2022-05-26 21:31 - 2022-05-26 21:31 - 000001463 _____ C:\Users\Public\Desktop\Foxit Advanced PDF Editor.lnk 2022-05-26 21:31 - 2022-05-26 21:31 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Foxit Advanced PDF Editor 2022-05-26 21:31 - 2022-05-26 21:31 - 000000000 ____D C:\Users\Marcin\AppData\Local\Foxit Advanced PDF Editor 2022-05-26 21:31 - 2022-05-26 21:31 - 000000000 ____D C:\Users\Marcin\AppData\Local\Aspell 2022-05-26 21:31 - 2022-05-26 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Advanced PDF Editor 2022-05-26 21:31 - 2022-05-26 21:31 - 000000000 ____D C:\ProgramData\Foxit Advanced PDF Editor 2022-05-26 21:31 - 2022-05-26 21:31 - 000000000 ____D C:\ProgramData\Aspell 2022-05-26 21:31 - 2022-05-26 21:31 - 000000000 ____D C:\Program Files (x86)\Foxit Software 2022-05-26 21:01 - 2022-06-14 19:12 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\services 2022-05-26 21:00 - 2022-05-26 21:01 - 000000000 ___HD C:\Users\Marcin\AppData\Roaming\.dllbackups 2022-05-26 21:00 - 2022-05-26 21:00 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\dllservices 2022-05-26 20:56 - 2022-05-26 20:56 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2022-05-17 22:02 - 2022-05-17 22:02 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Goldberg SteamEmu Saves ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-14 21:40 - 2018-01-18 20:05 - 000000000 ____D C:\Users\Marcin\AppData\Local\Battle.net 2022-06-14 21:39 - 2018-08-23 20:13 - 000000000 ____D C:\Program Files (x86)\Google 2022-06-14 21:38 - 2018-11-21 22:25 - 000000000 ____D C:\ProgramData\TEMP 2022-06-14 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-06-14 21:32 - 2018-01-17 18:10 - 000000000 ____D C:\Program Files (x86)\Steam 2022-06-14 21:28 - 2017-04-20 17:20 - 000000000 ____D C:\Users\Marcin\AppData\LocalLow\Mozilla 2022-06-14 21:23 - 2021-04-07 14:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-06-14 20:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-06-14 20:05 - 2018-12-31 17:36 - 000000000 ____D C:\Users\Marcin\AppData\Local\D3DSCache 2022-06-14 20:00 - 2017-02-18 11:24 - 000000000 ____D C:\Games 2022-06-14 19:15 - 2020-10-04 20:23 - 000000000 ____D C:\ProgramData\NVIDIA 2022-06-13 18:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-06-11 21:46 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-06-11 21:31 - 2020-10-12 14:12 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-06-11 21:30 - 2021-09-26 17:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-06-11 21:30 - 2018-01-17 18:09 - 000000954 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-06-11 21:30 - 2018-01-17 18:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-06-11 21:28 - 2021-04-13 07:41 - 000003472 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72bae20e84a6c 2022-06-11 21:28 - 2021-04-07 15:02 - 000003596 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA1d6a473ed41235c 2022-06-11 21:28 - 2018-08-23 20:13 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-06-09 22:23 - 2022-02-09 10:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-06-09 21:22 - 2016-10-24 20:52 - 000000000 ____D C:\Users\Marcin\Documents\My Games 2022-06-09 20:12 - 2019-09-26 19:00 - 000000000 ____D C:\Program Files (x86)\Realtek 2022-06-09 20:11 - 2018-01-17 18:07 - 000000000 ____D C:\Program Files\AMD 2022-06-09 18:58 - 2018-01-19 19:49 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Wargaming.net 2022-06-08 19:49 - 2018-09-21 19:07 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\uTorrent Web 2022-06-02 18:18 - 2021-12-12 19:34 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2114928705-1177048781-237462739-1001 2022-06-02 18:18 - 2021-04-07 15:02 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2114928705-1177048781-237462739-1001 2022-06-01 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-05-31 21:30 - 2021-04-07 15:06 - 001779296 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-05-31 21:30 - 2019-12-07 17:09 - 000784340 _____ C:\WINDOWS\system32\perfh015.dat 2022-05-31 21:30 - 2019-12-07 17:09 - 000152236 _____ C:\WINDOWS\system32\perfc015.dat 2022-05-31 21:28 - 2020-07-07 23:05 - 000000000 ____D C:\AMD 2022-05-31 21:28 - 2020-01-05 15:24 - 000000000 ____D C:\Program Files (x86)\AMD 2022-05-31 21:24 - 2021-04-07 15:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-05-31 21:24 - 2021-04-07 14:57 - 000008192 ___SH C:\DumpStack.log.tmp 2022-05-31 21:24 - 2018-03-12 15:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-05-31 21:23 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-05-31 20:57 - 2020-05-05 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE 2022-05-31 20:57 - 2020-05-05 23:49 - 000000000 ____D C:\Program Files (x86)\GIGABYTE 2022-05-31 20:57 - 2018-04-04 19:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2022-05-31 20:39 - 2020-10-11 12:20 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA 2022-05-31 20:39 - 2020-10-11 12:20 - 000000000 ____D C:\Program Files\EVGA 2022-05-31 20:37 - 2022-04-09 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVGA 2022-05-31 20:37 - 2022-04-09 12:02 - 000000000 ____D C:\ProgramData\EVGA 2022-05-31 20:37 - 2020-10-06 20:55 - 000000000 ____D C:\Users\Marcin\AppData\Local\CrashDumps 2022-05-31 20:23 - 2017-04-17 21:50 - 000000000 ____D C:\AdwCleaner 2022-05-30 18:48 - 2016-11-10 17:18 - 000000000 ____D C:\Users\Marcin\Documents\3DMark 2022-05-29 21:14 - 2020-10-04 23:00 - 000000000 ____D C:\Users\Marcin\AppData\Local\NVIDIA 2022-05-27 21:29 - 2018-03-03 22:57 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\discord 2022-05-27 20:41 - 2022-04-15 19:54 - 000000000 ____D C:\Users\Marcin\AppData\Local\Discord 2022-05-26 21:31 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2022-05-26 21:27 - 2021-04-07 14:57 - 000488840 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-05-26 21:26 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-05-26 21:26 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-05-26 21:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-05-26 21:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-05-26 21:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-05-26 21:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-05-26 21:26 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2022-05-26 21:23 - 2019-03-13 19:51 - 000000000 ____D C:\ProgramData\Adobe 2022-05-26 21:13 - 2018-01-17 18:02 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Adobe 2022-05-26 20:56 - 2018-04-06 16:36 - 000000000 ____D C:\Users\Marcin\AppData\Local\Adobe 2022-05-26 20:55 - 2019-03-13 19:51 - 000000000 ____D C:\Program Files (x86)\Adobe 2022-05-26 20:50 - 2021-10-26 18:18 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-05-21 05:18 - 2021-01-09 14:48 - 007618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2022-05-21 05:18 - 2021-01-09 14:48 - 006465200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2022-05-17 22:02 - 2018-03-05 18:34 - 000000000 ____D C:\ProgramData\Epic 2022-05-17 22:02 - 2018-02-02 16:41 - 000000000 ____D C:\Users\Marcin\AppData\Local\UnrealEngine ==================== Pliki w katalogu głównym wybranych folderów ======== 2022-05-30 07:16 - 2022-05-30 07:16 - 000000048 ____H () C:\Program Files (x86)\ymnqli4pw8.dat 2020-10-25 15:49 - 2020-10-28 16:00 - 000000048 _____ () C:\Users\Marcin\AppData\Roaming\.crystalinst 2018-07-12 15:04 - 2018-07-12 15:04 - 001065984 _____ () C:\Users\Marcin\AppData\Local\file__0.localstorage 2022-05-26 21:33 - 2022-05-26 21:33 - 000000000 _____ () C:\Users\Marcin\AppData\Local\oobelibMkey.log 2022-03-27 11:52 - 2022-03-27 11:52 - 000001040 _____ () C:\Users\Marcin\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================