Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 25-06-2023
Uruchomiony przez Matoosh (administrator) DESKTOP-C6KQRF0 (Gigabyte Technology Co., Ltd. B450M DS3H) (26-06-2023 19:50:14)
Uruchomiony z C:\Users\Matoosh\Downloads\FRST64.exe
Załadowane profile: Matoosh & SQLTELEMETRY$SQLEXPRESS & OracleServiceORCL & MSSQL$SQLEXPRESS
Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.3086 (X64) Język: Polski (Polska)
Domyślna przeglądarka: FF
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(H:\Program Files\PostgreSQL\13\bin\pg_ctl.exe ->) (PostgreSQL Global Development Group) [Brak podpisu cyfrowego] H:\Program Files\PostgreSQL\13\bin\postgres.exe <8>
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Docker Inc -> Docker Inc.) C:\Program Files\Docker\Docker\com.docker.service
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (JetBrains s.r.o. -> JetBrains s.r.o) C:\Program Files\JetBrains\ETW Host\16\JetBrains.Etw.Collector.Host.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_2f8b15057bd04fc7\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Oracle Corporation) [Brak podpisu cyfrowego] H:\app\Matoosh\virtual\product\12.2.0\dbhome_1\bin\oracle.exe
(services.exe ->) (PostgreSQL Global Development Group) [Brak podpisu cyfrowego] H:\Program Files\PostgreSQL\13\bin\pg_ctl.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) H:\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3089288 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3312208 2019-05-04] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> )
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [117680 2019-09-16] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-04-18] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-07-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-21-755777045-2831524068-379227715-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Matoosh\AppData\Local\Microsoft\Teams\Update.exe [2588480 2023-06-18] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-755777045-2831524068-379227715-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680728 2021-05-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-755777045-2831524068-379227715-1001\...\Run: [ChomikBox] => H:\Program Files (x86)\ChomikBox\ChomikBox.exe (Brak pliku)
HKU\S-1-5-21-755777045-2831524068-379227715-1001\...\Run: [Overwolf] => H:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2023-05-24] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-755777045-2831524068-379227715-1001\...\Run: [JetBrains Toolbox] => C:\Users\Matoosh\AppData\Local\JetBrains\Toolbox\bin\jetbrains-toolbox.exe [936888 2022-10-11] (JetBrains s.r.o. -> JetBrains)
HKU\S-1-5-21-755777045-2831524068-379227715-1001\...\Run: [EpicGamesLauncher] => "B:\Programy\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent (Brak pliku)
HKU\S-1-5-21-755777045-2831524068-379227715-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [282416 2023-02-18] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-755777045-2831524068-379227715-1001\...\RunOnce: [Application Restart #5] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe --profile-directory=Default --enable-dom-distiller --disable-domain-reliability --no-pings --extension-content-verification=en (dane wartości zawierają 570 znaków więcej). (Brak pliku)
HKU\S-1-5-21-755777045-2831524068-379227715-1001\...\RunOnce: [Application Restart #6] => H:\Program Files (x86)\MS VS\2019\Community\Common7\IDE\devenv.exe [752040 2020-06-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-755777045-2831524068-379227715-1001\...\MountPoints2: {4076e12c-0375-11ed-b0d6-b42e99435000} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-755777045-2831524068-379227715-1019\...\Run: [EpicGamesLauncher] => "H:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent (Brak pliku)
HKU\S-1-5-21-755777045-2831524068-379227715-1019\...\Run: [Discord] => C:\Users\Guest\AppData\Local\Discord\Update.exe [1512040 2021-03-18] (Discord Inc. -> GitHub)
HKU\S-1-5-21-755777045-2831524068-379227715-1019\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe --disable-domain-reliability --disable-features=AutofillEnableAccountWalletStorage,AutofillServerCommunication,DirectSockets,S (dane wartości zawierają 865 znaków więcej). (Brak pliku)
HKU\S-1-5-21-755777045-2831524068-379227715-1020\...\Run: [94978895F6A2631D9E041D7DEF9999D1F5DE415B._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 [4113824 2023-06-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-755777045-2831524068-379227715-1020\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [282416 2023-02-18] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-755777045-2831524068-379227715-1020\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe --enable-dom-distiller --disable-domain-reliability --no-pings --extension-content-verification=enforce_strict --extensions-in (dane wartości zawierają 497 znaków więcej). (Brak pliku)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2020-07-01] (pdfforge GmbH) [Brak podpisu cyfrowego]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.134\Installer\chrmstp.exe [2023-06-16] (Google LLC -> Google LLC)

==================== Zaplanowane zadania (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {012092F1-6396-4D0B-B4EE-2722DC63F100} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {116EA1D4-160B-4A55-BD21-409A3B971422} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2639880 2023-05-24] (Overwolf Ltd -> Overwolf LTD)
Task: {13C5B424-7341-42A5-AD30-168F3468E964} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\AppInstallerUpdater => C:\Windows\system32\rundll32.exe [71680 2021-03-15] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\AppxDeploymentClient.dll,AppInstallerUpdateAllTask
Task: {23845D81-9A8C-480F-A35F-6EFD4F78076F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-755777045-2831524068-379227715-1020 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Brak pliku)
Task: {30751269-74CB-4D7B-8037-87F4A6DAF702} - System32\Tasks\GoogleUpdateTaskMachineUA{962735BD-14C3-4E5C-BFF8-B72D91F9AA2C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-02] (Google LLC -> Google LLC)
Task: {32F8B6FE-1D2B-4A36-AF61-E410FD09B6AE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {32FD44C3-2A3C-4CD2-BB07-521BE3FD6214} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-C6KQRF0-Matoosh => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {33977E67-A423-4C73-B845-C3CAC22C6EB2} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {400D8E2A-30DC-43FE-8B9A-7053A29181D2} - System32\Tasks\GoogleUpdateTaskMachineCore{74512FCA-18A2-490C-9909-3CC06B4DDE89} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-02] (Google LLC -> Google LLC)
Task: {462DD994-4768-4D69-9168-DC812E0EB841} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [983496 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {46E6E887-6638-400B-BB4B-4579721CA5B9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557376 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CDDE8DA-9A11-4A90-B092-9A1B9C991138} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170456 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {51E4092F-C12F-44B5-A862-74D6E71503E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55E679C9-FDE0-4A47-8081-D3A63BE41991} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {67368C02-76AA-4CF3-B71D-D0F4B27CAD23} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {73F34700-9FBE-4467-838B-F3353DE58FDF} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64936 2020-12-16] (Microsoft Corporation -> Microsoft)
Task: {8283DBDD-07CA-4BF7-B0FE-E3A7F1B28EBF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157552 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {862D8169-A8B4-40E1-831D-CF154C31BA9D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557376 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {9049278E-1FAC-4DB6-9DE0-BB9E377BEC2E} - System32\Tasks\MSIAfterburner => H:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804328 2022-09-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {9140898B-0EB5-4696-85EE-B4E6126FCB61} - System32\Tasks\ETW Host Service Updater v16 => C:\Program Files\JetBrains\ETW Host\16\Updater\EtwHostServiceUpdater.exe [192000 2023-01-25] (JetBrains s.r.o.) [Brak podpisu cyfrowego]
Task: {91D643E1-D94F-4D77-BB46-D84891AF8290} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {961B32C9-3B79-4B38-807E-939912A4B4EC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9A70E56A-1C7A-4809-AECA-66BB5DF03DED} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A8DD6CD2-180E-4778-AC99-5436AD5F2E42} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157552 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1EFBA18-88A1-4E11-A48A-F8F32B8C9EAD} - System32\Tasks\update-S-1-5-21-755777045-2831524068-379227715-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {B9D502E6-D10F-432D-A24A-914EBA2F123B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-06-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {BD6E7CAE-2448-41EC-9013-94E76358110B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8868182-730A-4DF6-BC20-12979B16DE6F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE376585-F8B1-4060-B2A3-0180E0C01521} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF840514-0427-4BAD-A9DE-3ED92EC1C62A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F5FFD146-B2F3-48EF-87AE-99D94169EAF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FB943753-8071-44A3-992C-7DB1928AA935} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-755777045-2831524068-379227715-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\..\Interfaces\{6e0d9bbe-d8c8-48f6-97e7-a7abf7c9cdf7}: [DhcpNameServer] 192.168.19.1
Tcpip\..\Interfaces\{c2e0a0a4-2143-4d65-80c3-9db729d04d32}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CD668B9F-C0D7-4078-BCBF-46509309AB17}: [DhcpNameServer] 10.1.1.30 10.1.1.32
Tcpip\..\Interfaces\{e05ff585-b636-4219-b1db-46ea781d2bdf}: [DhcpNameServer] 192.168.70.2

Edge:
=======
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge Profile: C:\Users\Matoosh\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-12]

FireFox:
========
FF DefaultProfile: bzeumoy2.default
FF DefaultProfile: tvqeb30z.default
FF ProfilePath: C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\bzeumoy2.default [2020-06-30]
FF ProfilePath: C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release [2023-06-26]
FF Homepage: Mozilla\Firefox\Profiles\r1efphis.default-release -> hxxps://inwestomat.eu/
FF Notifications: Mozilla\Firefox\Profiles\r1efphis.default-release -> hxxps://calendar.google.com
FF Extension: (Clear Cache) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\clearcache@michel.de.almeida.xpi [2022-08-24]
FF Extension: (BetterTTV) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\firefox@betterttv.net.xpi [2023-04-26]
FF Extension: (HTTPS Everywhere) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\https-everywhere-eff@eff.org.xpi [2022-05-24] [UpdateUrl:hxxps://www.eff.org/files/https-everywhere-updates.json]
FF Extension: (Decentraleyes) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2022-02-01]
FF Extension: (youtube-auto-loop) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\jid1-n8tWKfp2h9JqDo@jetpack.xpi [2021-01-23]
FF Extension: (Language: Polski (Polish)) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\langpack-pl@firefox.mozilla.org.xpi [2023-06-21]
FF Extension: (Polish Spellchecker Dictionary) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\pl@dictionaries.addons.mozilla.org.xpi [2020-07-05]
FF Extension: (uBlock Origin) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-06-15]
FF Extension: (NoScript) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2023-05-21]
FF Extension: (ClearURLs) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2023-02-03]
FF Extension: (ImTranslator: Tłumacz, Słownik, Głos) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-01-26]
FF Extension: (Matte Black (Red)) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2022-02-24]
FF Extension: (Add-ons Restricted Domains) - C:\Users\Matoosh\AppData\Roaming\Mozilla\Firefox\Profiles\r1efphis.default-release\features\{a9fe3d4f-ec5d-485b-ae7f-f3e32952d5e6}\addons-restricted-domains@mozilla.com.xpi [2023-06-14]
FF ProfilePath: C:\Users\Matoosh\AppData\Roaming\librewolf\Profiles\tvqeb30z.default [2023-05-10]
FF ProfilePath: C:\Users\Matoosh\AppData\Roaming\librewolf\Profiles\taj2dhci.default-default [2023-05-10]
FF Extension: (uBlock Origin) - C:\Users\Matoosh\AppData\Roaming\librewolf\Profiles\taj2dhci.default-default\Extensions\uBlock0@raymondhill.net.xpi [2023-05-10]
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-07-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> H:\Gry\Ganymede\Plugins\npganymedenet.dll [2017-07-06] (Gamedesire Sp. z o.o. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-07-07] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Matoosh\AppData\Local\Google\Chrome\User Data\Default [2023-06-21]
CHR Extension: (uBlock Origin) - C:\Users\Matoosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-06-14]
CHR Extension: (change-language) - C:\Users\Matoosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-06-05]
CHR Extension: (Clear Cache) - C:\Users\Matoosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn [2022-05-22]
CHR Extension: (Dark Reader) - C:\Users\Matoosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Matoosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-31]
CHR Extension: (Mate Translate - translator, słownik) - C:\Users\Matoosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2022-11-17]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Matoosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-02]
CHR Profile: C:\Users\Matoosh\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-02-13]

Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-02-24]
BRA Notifications: Default -> hxxps://calendar.google.com
BRA Extension: (Google Translate) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-06-20]
BRA Extension: (uBlock Origin) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-02-24]
BRA Extension: (Stylus) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\clngdbkpkpeebahjckkjfobafhncgmne [2021-02-24]
BRA Extension: (Vue.js devtools) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nhdogjmejiglipccpnnnanhbledajbpd [2021-02-14]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-02-24]
BRA Extension: (Brave User Model Installer) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\aijecnhpjljblhnogamehknbmljlbfgn [2021-02-24]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-02-24]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-03-29]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodhafecfemgejckecbnmpobnhmoaoag [2021-02-24]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2020-09-27]
BRA Extension: (Crypto Wallets) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2020-06-05]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Matoosh\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-02-24]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-07-07] (Adobe Inc. -> Adobe Inc.)
S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2703960 2022-08-25] (PUBG CORPORATION -> )
R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9880840 2023-03-15] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11774392 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
R2 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [19792 2023-02-18] (Docker Inc -> Docker Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2023-03-28] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 JetBrainsEtwHost.16; C:\Program Files\JetBrains\ETW Host\16\JetBrains.Etw.Collector.Host.exe [1545512 2023-01-25] (JetBrains s.r.o. -> JetBrains s.r.o)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [393216 2023-05-13] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9258016 2023-06-13] (Malwarebytes Inc. -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [26402480 2022-10-23] (My.Com B.V. -> My.com B.V.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [626280 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 OracleServiceORCL; h:\app\matoosh\virtual\product\12.2.0\dbhome_1\bin\ORACLE.EXE [291897344 2017-03-08] (Oracle Corporation) [Brak podpisu cyfrowego]
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2639880 2023-05-24] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2019-07-02] (Even Balance, Inc. -> )
R2 postgresql-x64-13; H:\Program Files\PostgreSQL\13\bin\pg_ctl.exe [117248 2021-05-12] (PostgreSQL Global Development Group) [Brak podpisu cyfrowego]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336208 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2019-06-10] () [Brak podpisu cyfrowego]
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [695912 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [290648 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Brak podpisu cyfrowego]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15508280 2023-02-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5963304 2023-03-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10430256 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15476144 2019-09-16] (VMware, Inc. -> )
S3 VSStandardCollectorService150; H:\Program Files (x86)\MS VS\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12061536 2023-03-26] (KRAFTON, Inc. -> KRAFTON, Inc)
S4 MySQL80; "C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe" --defaults-file="C:\ProgramData\MySQL\MySQL Server 8.0\my.ini" MySQL80
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_2f8b15057bd04fc7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_2f8b15057bd04fc7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 Rockstar Service; "B:\Programy\Rockstar\Launcher\RockstarService.exe" [X]

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [2231936 2022-08-25] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [952960 2022-08-25] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2023-05-31] (CPUID S.A.R.L.U. -> CPUID)
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [104512 2022-05-12] (Hans Roes -> Multi Theft Auto)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [25636664 2022-10-23] (My.Com B.V. -> My.com B.V.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S4 RsFx0600; C:\WINDOWS\System32\DRIVERS\RsFx0600.sys [286976 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2019-10-07] (Apple, Inc.) [Brak podpisu cyfrowego]
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22216888 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66368 2019-09-16] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1432232 2023-03-28] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 MpKsla73cdbdc; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7110A63C-4836-416B-B92F-6A8E5C2D9ACC}\MpKslDrv.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2023-06-26 19:50 - 2023-06-26 19:53 - 000040538 _____ C:\Users\Matoosh\Downloads\FRST.txt
2023-06-26 19:44 - 2023-06-26 19:44 - 000000000 ____D C:\Users\Matoosh\Downloads\FRST-OlderVersion
2023-06-26 19:43 - 2023-06-26 19:44 - 002383360 _____ (Farbar) C:\Users\Matoosh\Downloads\FRST64.exe
2023-06-19 07:14 - 2023-06-19 07:14 - 000068582 _____ C:\Users\Matoosh\Downloads\1133084775_19_5_2023(7_14)_wydruk.pdf
2023-06-14 18:04 - 2023-06-14 18:04 - 000000000 ___HD C:\$WinREAgent
2023-06-13 07:49 - 2023-06-26 19:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-06-08 20:40 - 2023-06-08 20:40 - 000753232 _____ C:\Users\Matoosh\Documents\Dokumenty_owu_karta_produktu.zip
2023-06-08 20:38 - 2023-06-08 20:38 - 000885503 _____ C:\Users\Matoosh\Downloads\5A02_X_1613_I_OWU_ADO_III_kor_KNZ_11052021.PDF
2023-06-07 09:50 - 2023-06-08 20:35 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2023-06-07 09:50 - 2023-06-07 09:50 - 000000000 ____D C:\Users\Matoosh\.vscode-cli
2023-06-06 20:46 - 2023-06-06 20:46 - 000000000 ____D C:\Users\Public\mod.io
2023-06-06 20:46 - 2023-06-06 20:46 - 000000000 ____D C:\Users\Matoosh\AppData\Local\mod.io
2023-05-31 20:44 - 2023-05-31 20:44 - 002249913 _____ (EFD Software ) C:\Users\Matoosh\Downloads\hdtunepro_575_trial.exe
2023-05-31 20:43 - 2023-05-31 20:43 - 000642632 _____ (EFD Software ) C:\Users\Matoosh\Downloads\hdtune_255.exe
2023-05-31 20:39 - 2023-05-31 20:52 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2023-05-31 20:39 - 2023-05-31 20:39 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\Hard Disk Sentinel
2023-05-31 20:38 - 2023-05-31 20:38 - 037064423 _____ C:\Users\Matoosh\Downloads\hdsentinel_trial_setup.zip
2023-05-31 20:38 - 2023-05-31 20:38 - 000000000 ____D C:\Users\Matoosh\Downloads\hdsentinel_trial_setup
2023-05-31 20:37 - 2023-05-31 20:37 - 000000000 ____D C:\Users\Matoosh\Downloads\Hard_Disk_Sentinel_Pro_6.01_Portable
2023-05-31 20:35 - 2023-05-31 20:36 - 030086058 _____ C:\Users\Matoosh\Downloads\Hard_Disk_Sentinel_Pro_6.01_Portable.rar
2023-05-31 18:01 - 2023-05-31 18:01 - 000000000 ____D C:\ProgramData\Dbg
2023-05-31 17:58 - 2023-05-31 17:58 - 000000686 _____ C:\Users\Matoosh\Downloads\windbg.appinstaller
2023-05-31 17:56 - 2023-05-31 17:56 - 000000000 ____D C:\Users\Matoosh\Desktop\W10 Errors

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2023-06-26 19:52 - 2020-01-21 16:52 - 000000000 ____D C:\FRST
2023-06-26 19:52 - 2019-06-11 17:43 - 000000000 ____D C:\Users\Matoosh\AppData\Local\CrashDumps
2023-06-26 19:51 - 2022-10-12 17:30 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-06-26 19:51 - 2022-10-12 17:30 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-06-26 19:51 - 2021-03-15 17:40 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-06-26 19:48 - 2022-02-02 22:47 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-26 19:48 - 2021-12-18 23:44 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-26 19:46 - 2022-08-12 15:06 - 000589888 _____ C:\WINDOWS\system32\perfh014.dat
2023-06-26 19:46 - 2022-08-12 15:06 - 000139842 _____ C:\WINDOWS\system32\perfc014.dat
2023-06-26 19:46 - 2021-03-15 17:30 - 003041372 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-26 19:46 - 2019-12-07 17:09 - 000972446 _____ C:\WINDOWS\system32\perfh015.dat
2023-06-26 19:46 - 2019-12-07 17:09 - 000236058 _____ C:\WINDOWS\system32\perfc015.dat
2023-06-26 19:46 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-06-26 19:45 - 2019-06-10 17:09 - 000000000 ____D C:\ProgramData\NVIDIA
2023-06-26 19:43 - 2020-07-26 15:01 - 000000447 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2023-06-26 19:42 - 2022-02-12 10:41 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-06-26 19:41 - 2023-05-10 21:18 - 000000000 ____D C:\Users\Matoosh\AppData\Local\Malwarebytes
2023-06-26 19:41 - 2021-03-15 17:40 - 000003146 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2023-06-26 19:39 - 2021-03-15 17:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-26 19:39 - 2021-03-15 17:30 - 000000000 ____D C:\Users\Matoosh
2023-06-26 19:39 - 2021-03-15 17:29 - 000008192 ___SH C:\DumpStack.log.tmp
2023-06-26 19:39 - 2020-07-26 15:00 - 000000000 ____D C:\ProgramData\DockerDesktop
2023-06-26 19:39 - 2020-02-20 18:26 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-06-26 19:39 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-26 19:39 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-06-26 19:39 - 2019-10-23 17:47 - 000000000 ____D C:\ProgramData\VMware
2023-06-26 19:30 - 2021-10-18 20:20 - 000000000 ____D C:\WINDOWS\Minidump
2023-06-26 19:30 - 2021-03-15 17:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-26 19:30 - 2020-01-18 06:08 - 000666976 ____N C:\WINDOWS\Minidump\062623-13359-01.dmp
2023-06-26 19:14 - 2022-02-03 22:31 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2023-06-21 11:43 - 2019-06-10 17:39 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\KeePass
2023-06-20 16:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-20 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-20 16:15 - 2019-06-10 18:23 - 000000000 ____D C:\Program Files\Microsoft Office
2023-06-19 20:54 - 2019-06-10 18:09 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\Discord
2023-06-19 20:52 - 2022-02-27 20:45 - 000000000 ____D C:\Users\Matoosh\Zomboid
2023-06-19 20:06 - 2019-06-10 18:09 - 000000000 ____D C:\Users\Matoosh\AppData\Local\Discord
2023-06-19 19:06 - 2022-10-20 19:09 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-06-19 19:06 - 2022-10-20 19:09 - 000062968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-06-19 19:06 - 2021-11-23 16:37 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-06-19 19:06 - 2020-05-22 08:14 - 000493048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-06-19 19:06 - 2020-04-20 16:43 - 002807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-06-19 19:06 - 2020-04-20 16:43 - 000247288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2023-06-19 19:06 - 2020-04-20 16:43 - 000202232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-06-19 19:06 - 2020-04-20 16:43 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-06-19 07:12 - 2019-06-10 22:13 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\Microsoft\Teams
2023-06-18 20:19 - 2020-03-28 09:58 - 000002374 _____ C:\Users\Matoosh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-06-18 19:50 - 2019-06-30 16:25 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\Code
2023-06-18 16:32 - 2019-06-10 17:28 - 000140014 _____ C:\Users\Matoosh\Desktop\baza.kdbx
2023-06-17 18:04 - 2020-12-30 11:22 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\StardewValley
2023-06-17 09:37 - 2023-01-17 13:32 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-06-17 09:37 - 2020-08-24 13:46 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-16 18:43 - 2022-02-02 22:48 - 000003940 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{962735BD-14C3-4E5C-BFF8-B72D91F9AA2C}
2023-06-16 18:43 - 2022-02-02 22:48 - 000003816 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{74512FCA-18A2-490C-9909-3CC06B4DDE89}
2023-06-16 13:40 - 2022-02-02 22:48 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-16 13:40 - 2022-02-02 22:48 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-06-15 13:29 - 2021-03-15 17:29 - 005200176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-15 13:28 - 2021-03-15 17:12 - 000000000 ___SD C:\WINDOWS\system32\lxss
2023-06-15 13:28 - 2021-03-15 17:12 - 000000000 ____D C:\Program Files\Hyper-V
2023-06-15 13:28 - 2020-06-30 10:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-06-15 13:28 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-06-15 13:28 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-15 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-15 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-15 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-15 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-06-15 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-06-15 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-15 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-06-15 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-14 20:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-14 20:44 - 2021-03-15 17:31 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-14 18:04 - 2019-06-10 19:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-14 18:00 - 2019-06-10 19:38 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-14 17:00 - 2020-06-30 10:39 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-06-13 19:12 - 2021-12-17 09:01 - 000000000 ____D C:\Users\Matoosh\Documents\Pliki programu Outlook
2023-06-13 19:12 - 2019-07-13 08:16 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\Microsoft\Excel
2023-06-13 07:51 - 2019-06-10 17:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-13 07:48 - 2021-03-15 17:40 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-13 07:48 - 2021-03-15 17:40 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-08 10:05 - 2019-06-10 17:03 - 000000000 ____D C:\Users\Matoosh\AppData\Local\Packages
2023-06-07 20:30 - 2019-06-10 17:13 - 000000000 ____D C:\Users\Matoosh\AppData\Local\D3DSCache
2023-06-07 10:18 - 2019-08-31 20:41 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\obs-studio
2023-06-07 10:12 - 2023-05-22 13:32 - 000006782 _____ C:\Users\Matoosh\Desktop\pytania.txt
2023-06-06 17:23 - 2020-11-11 19:02 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-06-05 11:55 - 2022-01-24 20:54 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\.minecraft
2023-06-04 20:19 - 2023-02-18 19:18 - 000000000 ____D C:\Users\Matoosh\AppData\Roaming\Docker Desktop
2023-06-04 08:25 - 2020-07-26 14:58 - 000000000 ____D C:\Users\Matoosh\AppData\Local\Docker
2023-05-31 20:46 - 2022-10-28 13:08 - 000000000 ____D C:\Program Files (x86)\HD Tune Pro
2023-05-31 18:01 - 2022-02-03 22:34 - 000000000 ____D C:\Users\Matoosh\AppData\Local\DBG
2023-05-31 18:01 - 2019-06-10 17:06 - 000000000 ____D C:\Users\Matoosh\AppData\Local\PlaceholderTileLogoFolder
2023-05-31 18:00 - 2019-06-10 17:11 - 000000000 ____D C:\ProgramData\Packages
2023-05-31 13:10 - 2020-01-18 06:08 - 001854780 _____ C:\WINDOWS\Minidump\053123-16609-01.dmp

==================== Pliki w katalogu głównym wybranych folderów ========

2021-06-07 22:07 - 2021-04-08 22:07 - 000000032 ____R () C:\ProgramData\hash.dat
2020-12-28 11:51 - 2020-12-28 11:51 - 000000000 _____ () C:\Users\Matoosh\.mongorc.js
2021-06-30 10:50 - 2021-06-30 10:50 - 000000016 _____ () C:\Users\Matoosh\AppData\Roaming\obs-virtualcam.txt
2019-07-21 19:02 - 2021-08-27 22:07 - 000000132 _____ () C:\Users\Matoosh\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
2021-02-16 18:11 - 2021-02-16 18:11 - 000001496 _____ () C:\Users\Matoosh\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs
2020-05-10 14:58 - 2021-08-17 12:13 - 000000205 _____ () C:\Users\Matoosh\AppData\Local\oobelibMkey.log
2020-12-03 15:31 - 2021-09-22 17:10 - 000000128 _____ () C:\Users\Matoosh\AppData\Local\PUTTY.RND
2020-07-05 17:26 - 2021-05-06 19:55 - 000007608 _____ () C:\Users\Matoosh\AppData\Local\Resmon.ResmonCfg
2019-06-10 18:29 - 2019-06-10 18:29 - 000000003 _____ () C:\Users\Matoosh\AppData\Local\updater.log
2019-06-10 18:29 - 2022-03-05 19:36 - 000000424 _____ () C:\Users\Matoosh\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================