Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 24-01-2023 Uruchomiony przez Biuro (administrator) BIURO_OP10 (ASUS All Series) (26-01-2023 06:24:19) Uruchomiony z C:\Users\Biuro\Desktop\frst Załadowane profile: Biuro Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.2486 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe (atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe (C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe (C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Program Files\Samsung\Easy Connection to Screen\Ui.exe ->) (Samsung Electronics CO., LTD. -> The CefSharp Authors) C:\Program Files\Samsung\Easy Connection to Screen\CefSharp.BrowserSubprocess.exe <2> (C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe (explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\69.0.0.0\crashpad_handler.exe <2> (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15> (explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe <7> (explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (explorer.exe ->) (Mega Limited -> Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe (explorer.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.19\AsusFanControlService.exe (services.exe ->) (Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com) C:\Program Files\Ext2Fsd\Ext2Srv.exe (services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (services.exe ->) (GlavSoft LLC -> GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe <2> (services.exe ->) (hxxp://ytdownloader.biz/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\YT Updater\ytupdater.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (services.exe ->) (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe (services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Samsung\Easy Connection to Screen\Service.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (services.exe ->) (Veeam Software Group GmbH -> Veeam Software Group GmbH) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe (svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (svchost.exe ->) (QNAP Systems, Inc. -> ) C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe (svchost.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Samsung\Easy Connection to Screen\Ui.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1699480 2018-03-01] (GlavSoft LLC -> GlavSoft LLC.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8853248 2021-01-31] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [Veeam.EndPoint.Tray.exe] => C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe [1028688 2020-07-14] (Veeam Software Group GmbH -> Veeam Software Group GmbH) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2023-01-16] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) HKLM-x32\...\Run: [QfinderPro] => C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe [5428752 2021-09-24] (QNAP Systems, Inc. -> QNAP) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-12-08] (Intel Corporation -> Intel) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3140608 2021-01-29] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-20] (Google LLC -> Google, Inc.) HKU\S-1-5-19\...\Policies\system: [] HKU\S-1-5-19\...\Policies\system: [DisableTaskMgr] 1 HKU\S-1-5-20\...\Policies\system: [] HKU\S-1-5-20\...\Policies\system: [DisableTaskMgr] 1 HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [755296 2020-10-28] (OpenVPN Inc. -> ) HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2148528 2022-11-05] (Wargaming.net Limited -> Wargaming.net) HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech) HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-20] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Policies\system: [] HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Policies\system: [DisableTaskMgr] 1 HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\MountPoints2: {02f84adc-60b8-11eb-ae5c-305a3a4bb079} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\MountPoints2: {a8be9649-e94d-11eb-ae92-305a3a4bb079} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2737232935-218490253-4012713160-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-20] (Google LLC -> Google, Inc.) HKU\S-1-5-18\...\Policies\system: [] HKU\S-1-5-18\...\Policies\system: [DisableTaskMgr] 1 HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\PDF-XChange4: C:\Windows\system32\pxc40pm.dll [50456 2010-03-02] (Tracker Software Products Ltd -> Tracker Software Products Ltd.) HKLM\...\Print\Monitors\PJL Language Monitor: C:\WINDOWS\system32\PJLMON.DLL [24064 2023-01-11] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.119\Installer\chrmstp.exe [2023-01-26] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-03-11] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) Startup: C:\Users\Biuro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-04-02] ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) BootExecute: autocheck autochk /m /P \Device\HarddiskVolume15autocheck autochk /m /P \Device\HarddiskVolume12autocheck autochk * ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {04DA170F-9506-4A1B-9E19-25FFB7E2E312} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {155AA1F6-1A8F-441A-B714-4C19BAA40F2D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {18A162F2-0EDA-41E0-9982-64F974835D23} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {1C7439DE-B9F0-4464-9CE5-28BBB0DD95F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5442048 2022-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {2BBA7FBD-A1E8-46CD-BA2D-F109EF305B57} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {3C8C19B9-4A53-4BB2-82C7-282D5E5C76E0} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {3CFFE5A5-3F28-42D1-85FC-F14D8BD4EB21} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {3F3D2D95-296C-4983-81CB-917F2B8EDC66} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864416 2022-12-27] (Microsoft Corporation -> Microsoft Corporation) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB} Task: {515323FC-6DD8-4506-973F-D7465F261EA2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {5A16DE44-CC92-423A-8D27-BB0511ACFD32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {6FFBC679-365E-448C-9BD3-DF1FA5E8080F} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\windows\explorer.exe /NoUACCheck Task: {728B3B68-68BE-4B4D-A788-EBCA363A6252} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3464168 2022-11-09] (Intel Corporation -> Intel Corporation) Task: {72A0C5FB-2BE3-4C5A-8B36-97BEAB6429E0} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} Task: {80A4DB8D-9A42-458E-A947-E53216CDB42C} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} Task: {842250C4-1ACB-46A3-B2E0-847972E6C514} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864416 2022-12-27] (Microsoft Corporation -> Microsoft Corporation) Task: {8BAB8AD1-42DF-47C1-B483-B04C276C8FCC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {8BFB915F-9659-4F64-869B-34819DE05FB2} - System32\Tasks\Easy Connection to Screen => C:\Program Files\Samsung\Easy Connection to Screen\Ui.exe [3107592 2022-02-07] (Samsung Electronics CO., LTD. -> ) Task: {98BA9779-2B5E-4FFA-A2DF-F7E8E87223CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-03] (Google Inc -> Google Inc.) Task: {A29439AA-3C86-4841-8FE2-A2F7C4D267B2} - System32\Tasks\Microsoft\Windows\Shell\WindowsObjectChecking => C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\96681246EEA142B08C73A3335020812F\A2EB367917BA43C2BC92B96C1EDCF434.vbe [703358 2023-01-26] () [Brak podpisu cyfrowego] <==== UWAGA Task: {A3332789-FD59-4993-9919-0AA937A4E61D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5442048 2022-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {AC92DCC9-3432-481A-AF80-3619E09932D1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-03] (Google Inc -> Google Inc.) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371} Task: {B0E812FE-B0E2-4297-BDA8-EB7473E3382C} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1551520 2015-05-14] (ASUSTeK Computer Inc. -> ) [Brak podpisu cyfrowego] Task: {B875FCAC-2E2E-41CA-A9D9-BA38267FF12C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\WinTaskCoreUpdate => C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\581FB218C5324299AF23729F946C27B6\AEC5456C5C1948F5AB3A62011B34B60D.vbe [673916 2023-01-26] () [Brak podpisu cyfrowego] <==== UWAGA Task: {BC6EAA4D-3272-4A19-8C07-112773436E1C} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3464168 2022-11-09] (Intel Corporation -> Intel Corporation) Task: {C85E9272-0852-4628-97F2-5FFA9F5A0028} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {CE74EEDA-ED34-472E-82D3-2898C39612AC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115672 2023-01-18] (Microsoft Corporation -> Microsoft Corporation) Task: {DDD648E7-3447-4B63-ADE5-3AD8546A2598} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {E323A15C-A612-4737-B0A1-5E1211AB736C} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1461560 2015-01-09] (ASUSTeK Computer Inc. -> ) Task: {E45D12ED-5F5A-48AD-AED1-FAA66978EECD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115672 2023-01-18] (Microsoft Corporation -> Microsoft Corporation) Task: {EBABBB6F-67CC-4A09-833A-414E225162BE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {F1C8EFCC-AF72-4132-B627-479F8C50EE60} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {F2043EBD-58A9-4104-BD82-C4A2B84F799B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2737232935-218490253-4012713160-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [1776816 2022-12-14] (Mega Limited -> ) Task: {F5C7C525-F853-44C1-B51C-E48721AE76F0} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [328504 2013-02-07] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {F5F3CD57-1204-43B6-9D5C-0B9ED92A7F92} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1271096 2015-02-26] (ASUSTeK Computer Inc. -> ) Task: {F8019F4B-E4C8-4C49-9CB8-1A14770B229E} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [1740816 2021-09-24] (QNAP Systems, Inc. -> ) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{58625069-2a84-4f12-99a7-79c58cc8dcce}: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{F46F0B4D-BEA2-42D3-9273-5601145F525D}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{FF284F27-001D-4B3B-9A65-8DB9B2557800}: [DhcpNameServer] 10.1.0.1 Edge: ======= Edge Profile: C:\Users\Biuro\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-16] FireFox: ======== FF DefaultProfile: l8ow9t3s.default FF ProfilePath: C:\Users\Biuro\AppData\Roaming\Mozilla\Firefox\Profiles\l8ow9t3s.default [2023-01-15] FF ProfilePath: C:\Users\Biuro\AppData\Roaming\Mozilla\Firefox\Profiles\9br8x4fh.default-release [2023-01-26] FF Extension: (Video DownloadHelper) - C:\Users\Biuro\AppData\Roaming\Mozilla\Firefox\Profiles\9br8x4fh.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-05-10] FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-29] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-29] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2020-10-21] (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> ) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-01-26] Chrome: ======= CHR Profile: C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default [2023-01-26] CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://calendar.google.com/calendar/r?tab=wc" CHR Extension: (uBlock Origin) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-12-31] CHR Extension: (Adblock dla Youtube™) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-01-25] CHR Extension: (Tpay.com) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmbhnokcfchfkdgechgkhcfekdfpdjld [2019-02-07] CHR Extension: (saveVPN) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmndccefdiphnljnhkiikjglfbjllhdf [2022-12-05] CHR Extension: (Dokumenty Google offline) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-24] CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-21] CHR Extension: (Szafir SDK Web) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjalhnomhafafofonpdihihjnbafkipc [2022-06-23] CHR Extension: (Helium Backup) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl [2022-02-18] CHR Extension: (IE Tab) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2023-01-20] CHR Extension: (Disconnect) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2020-10-22] CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-24] CHR Extension: (Video DownloadHelper) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2022-10-16] CHR Extension: (Ghostery – Bloker reklam chroniący prywatność) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-12-21] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Biuro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR HKU\S-1-5-21-2737232935-218490253-4012713160-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-09-03] (philandro Software GmbH -> AnyDesk Software GmbH) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2021-01-31] (ASUSTeK Computer Inc. -> ) R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2021-01-31] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.19\AsusFanControlService.exe [396088 2021-01-31] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9198496 2022-11-30] (Microsoft Corporation -> Microsoft Corporation) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2021-12-08] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-12-08] (Intel Corporation -> Intel) R2 Easy Connection to Screen; C:\Program Files\Samsung\Easy Connection to Screen\Service.exe [314128 2022-02-07] (Samsung Electronics CO., LTD. -> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-01-11] (EasyAntiCheat Oy -> Epic Games, Inc) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET) R2 Ext2Srv; C:\Program Files\Ext2Fsd\Ext2Srv.exe [42488 2017-11-02] (Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Brak podpisu cyfrowego] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Brak podpisu cyfrowego] R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 MSSQL$RESET2; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation -> Microsoft Corporation) R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1699480 2018-03-01] (GlavSoft LLC -> GlavSoft LLC.) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746728 2021-07-28] (Oracle Corporation -> Oracle Corporation) R2 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [128592 2020-07-14] (Veeam Software Group GmbH -> Veeam Software Group GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 YT Updater Service; C:\Program Files (x86)\Common Files\YT Updater\ytupdater.exe [16384 2015-01-26] (hxxp://ytdownloader.biz/) [Brak podpisu cyfrowego] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2021-01-31] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2021-01-31] (ASUSTeK Computer Inc. -> ) R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2021-01-31] (MCCI Corporation -> MCCI Corporation) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 e1express; C:\WINDOWS\System32\drivers\e1e6032e.sys [300544 2019-12-07] (Microsoft Windows -> Intel Corporation) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [198416 2023-01-16] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [119904 2023-01-16] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-11-09] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [237208 2023-01-16] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55392 2023-01-16] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81696 2023-01-16] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [122504 2023-01-16] (ESET, spol. s r.o. -> ESET) R2 Ext2Fsd; C:\Windows\system32\Drivers\Ext2Fsd.sys [826360 2017-11-02] (Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com) R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-12-31] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) S3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2021-01-31] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [32840 2021-01-31] (Realtek Semiconductor Corp -> NT Kernel Resources) R2 NPF; C:\Program Files (x86)\iVMS-4200 Site\Drivers\npf64.sys [36600 2021-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) S1 PQNTDrv; C:\Windows\SysWow64\Drivers\PQNTDrv.sys [4228 2002-09-16] (PowerQuest Corporation) [Brak podpisu cyfrowego] S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-02-05] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [239664 2021-07-28] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249568 2021-07-28] (Oracle Corporation -> Oracle Corporation) U5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [174008 2019-01-28] (Oracle Corporation -> Oracle Corporation) S3 VeeamFLR; C:\Program Files\Veeam\Endpoint Backup\VeeamFCT.sys [303704 2020-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Veeam Software Group GmbH) S3 VirtualDK; C:\Program Files\Veeam\Endpoint Backup\vdk.sys [57216 2020-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Ken Kato) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation) R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-02-05] (WireGuard LLC -> WireGuard LLC) U3 idsvc; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-01-25 08:40 - 2023-01-25 08:40 - 000218306 _____ C:\Users\Biuro\Downloads\5708452391_22_0 (1).pdf 2023-01-25 08:38 - 2023-01-25 08:38 - 000000183 _____ C:\Users\Biuro\Desktop\poczta barak.txt 2023-01-25 08:27 - 2023-01-25 08:27 - 000218306 _____ C:\Users\Biuro\Downloads\5708452391_22_0.pdf 2023-01-25 08:27 - 2023-01-25 08:27 - 000000008 _____ C:\Users\Biuro\Desktop\abonent netia dromo.txt 2023-01-18 16:15 - 2023-01-18 16:16 - 399703788 _____ C:\Users\Biuro\Downloads\DYWIZJON 303.avi 2023-01-18 16:15 - 2023-01-18 16:15 - 045345765 _____ C:\Users\Biuro\Downloads\Bitwa o Brytanię - Dywizjon 303 Lektor PL 2_4 (Bloody foreig.mp4 2023-01-18 16:14 - 2023-01-18 16:17 - 1049753600 _____ C:\Users\Biuro\Downloads\Akcja pod Arsenałem.avi 2023-01-16 21:54 - 2023-01-23 08:43 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-01-15 18:56 - 2023-01-15 18:56 - 000005066 _____ C:\Users\Biuro\Downloads\rejestr.txt 2023-01-15 18:33 - 2023-01-15 18:33 - 000000008 __RSH C:\ProgramData\ntuser.pol 2023-01-15 08:39 - 2023-01-15 08:39 - 000000522 _____ C:\Users\Biuro\Documents\tskmgr5.reg 2023-01-15 08:37 - 2023-01-15 08:37 - 000000708 _____ C:\Users\Biuro\Documents\tskmgr4.reg 2023-01-15 08:36 - 2023-01-15 08:36 - 000000514 _____ C:\Users\Biuro\Documents\tskmgr2.reg 2023-01-15 08:27 - 2023-01-15 18:39 - 000000000 ____D C:\Program Files (x86)\Trojan Remover 2023-01-15 08:27 - 2023-01-15 08:27 - 015441312 _____ (Simply Super Software ) C:\Users\Biuro\Downloads\trjsetup695 (1).exe 2023-01-15 08:17 - 2023-01-26 06:22 - 000000000 ____D C:\Users\Biuro\Desktop\frst 2023-01-14 09:51 - 2023-01-14 09:51 - 000000000 ____D C:\Users\Biuro\.wdm 2023-01-14 09:50 - 2023-01-14 09:50 - 022041038 _____ C:\Users\Biuro\Downloads\BotKey Finder v2.5.rar 2023-01-14 09:50 - 2022-11-26 19:03 - 000000000 ____D C:\Users\Biuro\Downloads\BotKey Finder v2.5 2023-01-11 18:19 - 2023-01-11 18:19 - 000000000 ____D C:\Users\Biuro\AppData\Local\WarThunder 2023-01-11 18:19 - 2023-01-11 18:19 - 000000000 ____D C:\ProgramData\WarThunder 2023-01-11 18:18 - 2023-01-11 18:18 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat 2023-01-11 17:51 - 2023-01-11 17:51 - 000000000 ___HD C:\$WinREAgent 2023-01-11 17:32 - 2023-01-11 17:32 - 000293943 _____ C:\Users\Biuro\Downloads\hitman3-update2.torrent 2023-01-11 17:31 - 2023-01-11 17:31 - 000000222 _____ C:\Users\Biuro\Desktop\War Thunder.url 2023-01-11 17:31 - 2023-01-11 17:31 - 000000000 ____D C:\Users\Biuro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2023-01-05 23:47 - 2023-01-05 23:47 - 002376192 _____ (Farbar) C:\Users\Biuro\Downloads\FRST64.exe 2023-01-05 23:40 - 2023-01-05 23:40 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2023-01-05 23:16 - 2023-01-05 23:16 - 000000000 ____D C:\Users\Biuro\Downloads\Autoruns 2023-01-05 23:15 - 2023-01-05 23:16 - 003862520 _____ C:\Users\Biuro\Downloads\Autoruns.zip 2023-01-05 23:10 - 2023-01-05 23:11 - 052979446 _____ C:\Users\Biuro\Downloads\Trojan Remover 6.9.4.2943 ( ZAREJESTROWANY ).rar 2022-12-31 08:06 - 2023-01-20 21:36 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2022-12-31 08:06 - 2022-12-31 08:06 - 305769240 _____ (Google, Inc.) C:\Users\Biuro\Downloads\GoogleDriveSetup.exe 2022-12-31 08:06 - 2022-12-31 08:06 - 000000000 ____D C:\Program Files\Google 2022-12-31 07:47 - 2022-12-31 07:47 - 025245482 _____ C:\Users\Biuro\Downloads\wordpress-6.1.1-pl_PL.zip 2022-12-31 07:47 - 2022-12-31 07:47 - 000000000 ____D C:\Users\Biuro\Downloads\wordpress 2022-12-31 07:41 - 2022-12-31 07:49 - 000000000 ____D C:\totalcmd 2022-12-31 07:41 - 2022-12-31 07:41 - 000000000 ____D C:\Users\Biuro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander 2022-12-31 07:40 - 2022-12-31 07:40 - 009212584 _____ (Ghisler Software GmbH) C:\Users\Biuro\Downloads\tcmd1052x32_64.exe 2022-12-31 07:40 - 2022-12-31 07:40 - 006169504 _____ (Ghisler Software GmbH) C:\Users\Biuro\Downloads\tcmd1052x64.exe 2022-12-29 11:35 - 2022-12-29 11:35 - 000962658 _____ C:\Users\Biuro\Downloads\182868675.pdf 2022-12-28 17:50 - 2023-01-26 06:19 - 000000000 ____D C:\Users\Biuro\AppData\Local\LogiBolt 2022-12-28 17:50 - 2022-12-28 17:50 - 000000000 ____D C:\Users\Biuro\AppData\Roaming\Logishrd 2022-12-28 17:50 - 2022-12-28 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2022-12-28 17:50 - 2022-12-28 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2022-12-28 17:50 - 2022-12-28 17:50 - 000000000 ____D C:\Program Files\Logi 2022-12-28 17:49 - 2022-12-28 17:50 - 000000000 ____D C:\ProgramData\Logishrd 2022-12-28 17:49 - 2022-12-28 17:49 - 000000000 ____D C:\Program Files\Logitech 2022-12-28 17:47 - 2022-12-28 17:48 - 292165944 _____ (Logitech Inc.) C:\Users\Biuro\Downloads\options_installer.exe 2022-12-28 16:48 - 2022-12-28 16:48 - 000164416 _____ C:\Users\Biuro\Downloads\document-4366559 (1).pdf 2022-12-28 16:48 - 2022-12-28 16:48 - 000124679 _____ C:\Users\Biuro\Downloads\document-4460542.pdf 2022-12-28 16:48 - 2022-12-28 16:48 - 000030708 _____ C:\Users\Biuro\Downloads\document-4462637.pdf 2022-12-28 16:48 - 2022-12-28 16:48 - 000018389 _____ C:\Users\Biuro\Downloads\document-4462639.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-01-26 06:25 - 2022-03-13 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2023-01-26 06:24 - 2022-12-12 08:32 - 000000000 ____D C:\FRST 2023-01-26 06:24 - 2022-03-13 09:33 - 000000000 ____D C:\Program Files\Java 2023-01-26 06:20 - 2019-02-03 10:33 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-01-26 06:20 - 2019-02-03 10:22 - 000000000 ____D C:\Program Files (x86)\Google 2023-01-26 06:19 - 2022-11-01 14:19 - 000000000 ____D C:\Program Files (x86)\Steam 2023-01-26 06:19 - 2021-02-05 12:34 - 000000000 ____D C:\ProgramData\NVIDIA 2023-01-26 06:18 - 2020-12-29 22:13 - 000008192 ___SH C:\DumpStack.log.tmp 2023-01-26 06:18 - 2020-11-19 00:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-01-26 06:18 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-01-26 06:18 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-01-26 06:17 - 2009-07-14 04:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2023-01-25 08:38 - 2019-07-04 20:39 - 000000000 ____D C:\Users\Biuro\AppData\LocalLow\Mozilla 2023-01-25 08:30 - 2022-05-12 06:53 - 000821944 _____ C:\WINDOWS\system32\perfh015.dat 2023-01-25 08:30 - 2022-05-12 06:53 - 000169894 _____ C:\WINDOWS\system32\perfc015.dat 2023-01-25 08:30 - 2020-12-29 22:21 - 001879338 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-01-25 08:30 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-01-25 08:25 - 2022-10-26 19:41 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-01-24 21:38 - 2019-03-17 13:33 - 000000000 ____D C:\Users\Biuro\AppData\Roaming\vlc 2023-01-24 21:29 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-01-24 21:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-01-24 21:28 - 2021-02-21 22:28 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-01-23 08:43 - 2020-11-19 00:41 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-01-18 18:13 - 2021-02-01 09:39 - 000000000 ____D C:\Users\Biuro\AppData\Roaming\qBittorrent 2023-01-18 17:35 - 2020-12-29 22:52 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2737232935-218490253-4012713160-1001 2023-01-18 17:35 - 2020-12-29 22:21 - 000002463 _____ C:\Users\Biuro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-01-18 16:15 - 2021-08-26 08:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2023-01-16 21:46 - 2022-11-10 08:15 - 000237208 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys 2023-01-16 21:46 - 2022-11-10 08:15 - 000198416 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys 2023-01-16 21:46 - 2022-11-10 08:15 - 000122504 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys 2023-01-16 21:46 - 2022-11-10 08:15 - 000119904 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys 2023-01-16 21:46 - 2022-11-10 08:15 - 000081696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys 2023-01-16 21:46 - 2022-11-10 08:15 - 000055392 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys 2023-01-15 18:47 - 2020-02-09 14:10 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2023-01-15 18:47 - 2020-02-09 14:10 - 000000000 ____D C:\Users\Biuro\AppData\Roaming\Notepad++ 2023-01-15 18:41 - 2021-02-07 14:30 - 000000000 ____D C:\Users\Biuro\AppData\Local\CrashDumps 2023-01-15 18:40 - 2022-03-05 21:38 - 000000000 ____D C:\Users\Biuro\AppData\Roaming\.tlauncher 2023-01-15 18:39 - 2022-03-05 21:38 - 000000000 ____D C:\Users\Biuro\AppData\Roaming\.minecraft 2023-01-15 18:31 - 2019-03-17 12:40 - 000000000 ____D C:\Users\Biuro\AppData\LocalLow\Temp 2023-01-15 18:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2023-01-15 08:38 - 2021-02-07 14:19 - 000000000 ____D C:\Users\Biuro\AppData\Local\D3DSCache 2023-01-15 08:35 - 2022-12-10 23:53 - 000000000 ____D C:\ProgramData\TEMP 2023-01-14 09:51 - 2020-12-29 22:21 - 000000000 ____D C:\Users\Biuro 2023-01-11 21:28 - 2020-11-18 23:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-01-11 18:32 - 2022-05-03 07:28 - 000458480 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-01-11 18:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-01-11 18:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-01-11 18:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-01-11 18:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-01-11 18:18 - 2022-12-05 19:56 - 000000000 ____D C:\Users\Biuro\AppData\Roaming\EasyAntiCheat 2023-01-11 17:57 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-01-11 17:55 - 2020-11-19 00:41 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-01-11 17:43 - 2014-07-10 23:31 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-01-11 17:42 - 2022-10-13 22:36 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-01-11 17:42 - 2022-08-28 11:42 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-01-11 17:42 - 2021-12-11 12:12 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2737232935-218490253-4012713160-1001 2023-01-11 17:38 - 2014-07-10 23:31 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-01-09 09:10 - 2022-03-13 09:33 - 000195232 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2023-01-05 23:47 - 2021-01-31 10:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS 2023-01-05 23:40 - 2022-05-03 08:44 - 000000000 ____D C:\Users\Biuro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi 2023-01-05 23:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration 2023-01-05 23:27 - 2019-02-12 16:30 - 000000000 ____D C:\Program Files (x86)\EaseUS 2023-01-05 22:57 - 2020-11-19 00:41 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-01-05 22:57 - 2020-11-19 00:41 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-12-31 08:06 - 2019-02-03 10:22 - 000000000 ____D C:\Users\Biuro\AppData\Local\Google ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-02-17 22:30 - 2020-02-17 22:30 - 000000000 _____ () C:\Users\Biuro\VBoxManage.exe 2019-02-28 06:17 - 2019-02-28 06:23 - 787252104 _____ (Microsoft Corporation) C:\Users\Public\Office_Pro_2010_TechG_Polish_x64.exe 2019-03-04 22:04 - 2019-01-18 13:42 - 001628472 _____ () C:\Users\Public\taxodus__ssl_vpn_client.exe 2021-09-23 20:20 - 2021-09-23 20:21 - 000000197 _____ () C:\Users\Biuro\AppData\Roaming\ESXi-Customizer.ini 2021-01-09 21:50 - 2022-11-08 19:42 - 000000128 _____ () C:\Users\Biuro\AppData\Local\PUTTY.RND ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================