Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 16-09-2024 Uruchomiony przez Kula (administrator) KOMPUTER-Z-PODS (Gigabyte Technology Co., Ltd. Z370 HD3) (20-09-2024 23:54:49) Uruchomiony z B:\Games\FRST64.exe Załadowane profile: Kula & OVRLibraryService Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.4780 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\129.0.6668.14\remoting_host.exe <2> (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-03-06] (Riot Games, Inc. -> Riot Games, Inc.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [TabletDriver] => B:\Huion Tablet\Huion Tablet.exe huion-hklm (Brak pliku) HKLM\...\Run: [MTPW] => "C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe" (Brak pliku) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Genshin Impact Beta_Launcher] => [X] HKLM-x32\...\Run: [Star Rail_launcher_hoyoverse_PC_1_1] => [X] HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1842952 2024-08-29] (Overwolf Ltd -> Overwolf Ltd.) HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\Run: [TabletDriver] => B:\Huion Tablet\x64\TabletDriverCore.exe (Brak pliku) HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\Run: [Voicemod] => B:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7313360 2022-04-21] (Voicemod Sociedad Limitada -> Voicemod) HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\Run: [com.blitz.app] => C:\Users\Kula\AppData\Local\Programs\Blitz\Blitz.exe [121829184 2022-06-10] (Swift Media Entertainment, Inc. -> Blitz, Inc.) HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\Run: [Spotify] => C:\Users\Kula\AppData\Roaming\Spotify\Spotify.exe [20050296 2022-11-05] (Spotify AB -> Spotify Ltd) [Brak podpisu cyfrowego] HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\Run: [MicrosoftEdgeAutoLaunch_B6F3BB498533B0154DDB17224FD7117C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3741224 2024-09-12] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (Brak pliku) HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\Run: [Opera Browser Assistant] => C:\Users\Kula\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3996064 2024-03-04] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\Run: [Battle.net] => "B:\Folder\Battle.net\Battle.net.exe" --autostarted (Brak pliku) HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14303056 2024-07-16] (GOG sp. z o.o -> GOG.com) HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\MountPoints2: {2f2260c3-e29e-11e9-9c87-e0d55e0daa92} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4118281393-334457590-4262429159-1001\...\MountPoints2: {cb3785b4-b1d4-11eb-9d4f-e0d55e0daa92} - "E:\HiSuiteDownLoader.exe" HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2020-02-06] HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\128.0.6613.139\Installer\chrmstp.exe [2024-09-18] (Google LLC -> Google LLC) AppInit_DLLs: C:\PROGRA~1\VIRTUA~1\VIRTUA~4.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector64.dll [136064 2024-07-27] (Virtual Desktop, Inc -> Virtual Desktop, Inc.) AppInit_DLLs-x32: C:\PROGRA~1\VIRTUA~1\VIRTUA~3.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector32.dll [112512 2024-07-13] (Virtual Desktop, Inc -> Virtual Desktop, Inc.) Startup: C:\Users\Kula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-04-22] ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) Startup: C:\Users\Kula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-10-20] ShortcutTarget: Twitch.lnk -> C:\Users\Kula\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Huion Tablet.lnk [2021-01-05] ShortcutTarget: Huion Tablet.lnk -> B:\Huion Tablet\Huion Tablet.exe (Brak pliku) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2020-11-30] ShortcutTarget: ROCCAT Swarm Monitor.lnk -> B:\Folder\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2022-03-14] ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions) [Brak podpisu cyfrowego] GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {E4C32E3D-600F-4519-B55B-43A5D1D12031} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.) Task: {E52081D3-ACA5-4C63-8FEE-10F21AA35041} - System32\Tasks\BorderlessGaming => B:\Steam\steamapps\common\Borderless Gaming\BorderlessGaming.exe --silent --minimize (Brak pliku) Task: {3E0EA95F-06CB-4127-8AE1-45165E874B81} - System32\Tasks\EmptyStandbyList => "C:\Empty Standby List\EmptyStandbyList.exe" (Brak pliku) Task: {75EB8D26-A67B-4EAF-89E6-50B5C235B950} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{6782E3B7-9722-4A90-80C6-FF2422E34FAF} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC) Task: {DE3913BB-5495-475F-8758-DE3CE3D66558} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4118281393-334457590-4262429159-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2531496 2022-05-07] (Mega Limited -> ) Task: {3E41C5BE-9E9C-43E2-82EE-355ABF5B55BE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369752 2020-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {11665069-F8F4-44EB-B98E-6B568F79D737} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369752 2020-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {FCD885D2-AFEE-4CFD-AAD4-B848AC0B5B66} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\sdxhelper.exe [150272 2020-03-26] (Microsoft Corporation -> Microsoft Corporation) Task: {3EE98E4E-8666-4835-AC89-CB601C825CC4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\sdxhelper.exe [150272 2020-03-26] (Microsoft Corporation -> Microsoft Corporation) Task: {C8330C90-69A2-43CC-8E2F-61F4CEE7F799} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe [2350176 2020-03-26] (Microsoft Corporation -> Microsoft Corporation) Task: {F1D00372-8979-4D32-B7CA-278184221217} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167920 2020-03-26] (Microsoft Corporation -> Microsoft Corporation) Task: {739FDA1F-EDB3-4060-87D8-65A42D93CD94} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167920 2020-03-26] (Microsoft Corporation -> Microsoft Corporation) Task: {71E39313-0040-44C0-858B-F9356EC0E82B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2020-03-26] (Microsoft Corporation -> Microsoft Corporation) Task: {3B9A8BE5-F291-4B7D-AF81-2ED9BBD2BD27} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2020-03-26] (Microsoft Corporation -> Microsoft Corporation) Task: {EC30B35D-4A05-468D-87FC-19EC7E569D06} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5968B2EC-4F89-4B54-A89E-7F3F69E8A7C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A32381DA-6DFD-4A7E-8C35-C7AD75755D9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {96D81FF8-72C3-41A7-9821-D0A89CD9780D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2854D170-BBC1-4E5A-89CD-E6624CF7A436} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe /fromtask (Brak pliku) Task: {E9B2D49C-1FE1-4EB4-BE3B-6BD13B205EEF} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672328 2024-09-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (dane wartości zawierają 6 znaków więcej). Task: {EC661F24-C13F-49EE-B93E-FBC76E2D344F} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4118281393-334457590-4262429159-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672328 2024-09-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (dane wartości zawierają 6 znaków więcej). Task: {76C47042-92A7-4156-9618-062D3B321C5E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34376 2024-09-18] (Mozilla Corporation -> Mozilla Foundation) Task: {2A1246B3-6CD4-49ED-B4AB-778DCEBF56CC} - System32\Tasks\Mozilla\Firefox Nightly Default Browser Agent 6F193CCC56814779 => C:\Program Files\Firefox Nightly\default-browser-agent.exe [698864 2021-03-04] (Mozilla Corporation -> Mozilla Foundation) Task: {7A08C7C2-FCC7-4873-A3DA-3629D1AE74A2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {18960C8A-6F3C-4B5B-A31C-BA6F8E892CBF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5EB0819A-B6A4-4957-9FB8-08B6A7CE85F4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {5D3EB71C-1418-4BD4-9BA9-137961A9841A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C4ED6A5C-6BA6-43DA-A576-9D0EB79E9685} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {29FAA3AF-C799-4AAC-82DB-1298CB79061D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {67937458-12A9-4866-8790-1C21D758C56E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3B9B92AB-7A2A-43D3-8E1D-E1DAA9DDE91E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {92E22DE9-CB17-4ACB-B828-54BA5B307822} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2F071F89-DB18-4F16-BA1F-133DD38583D6} - System32\Tasks\Opera scheduled assistant Autoupdate 1582277760 => C:\Users\Kula\AppData\Local\Programs\Opera\launcher.exe [1592224 2024-08-12] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kula\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {E5F0654B-030B-4BE3-BD77-64650582D9BF} - System32\Tasks\Opera scheduled Autoupdate 1566395583 => C:\Users\Kula\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5770656 2024-08-06] (Opera Norway AS -> Opera Software) Task: {0F386ED0-9B01-48BA-9962-09891C2964F4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2388744 2024-08-29] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule Task: {9BFF8E3C-F678-42EF-BE81-BED302A54A9A} - System32\Tasks\ROCCAT DEVICE SERVICE => B:\Folder\ROCCAT Swarm\ROCCAT_dev_service.exe [443632 2020-11-23] (Voyetra Turtle Beach, Inc. -> ROCCAT) Task: {CE1B0053-4A70-419E-88C9-67A1B155E3F3} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [Brak podpisu cyfrowego] (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.84.125 Tcpip\..\Interfaces\{2283a0d2-6a97-496a-8566-b43c5453927b}: [DhcpNameServer] 10.5.1.1 Tcpip\..\Interfaces\{3e8a4054-b627-453d-b568-7a7480e72f75}: [DhcpNameServer] 192.168.84.125 Tcpip\..\Interfaces\{b95b10ff-a186-4330-8163-8aa1b7b04dce}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{c55f233c-8a0e-45fd-a35a-c8f30819f823}: [DhcpNameServer] 192.168.42.129 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Kula\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-21] Edge Extension: (Dokumenty Google offline) - C:\Users\Kula\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-28] Edge Extension: (Edge relevant text changes) - C:\Users\Kula\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-02] Edge Profile: C:\Users\Kula\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2021-09-10] FireFox: ======== FF DefaultProfile: 4d9lcst7.default FF ProfilePath: C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\81oix7z7.default-nightly [2021-11-04] FF Extension: (Ruffle) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\81oix7z7.default-nightly\Extensions\ruffle-player-extension@ruffle.rs.xpi [2021-03-04] [Brak podpisu cyfrowego] FF ProfilePath: C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\4d9lcst7.default [2019-10-20] FF NewTab: Mozilla\Firefox\Profiles\4d9lcst7.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10427__191020 FF ProfilePath: C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release [2024-09-20] FF NewTab: Mozilla\Firefox\Profiles\79j20mx1.default-release -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10427__191020 FF Notifications: Mozilla\Firefox\Profiles\79j20mx1.default-release -> hxxps://aternos.org; hxxps://skinport.com; hxxps://www.upwork.com FF Extension: (FrankerFaceZ) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\frankerfacez@frankerfacez.com.xpi [2023-08-29] [UpdateUrl:hxxps://cdn.frankerfacez.com/script/firefox-updates.json] FF Extension: (MyJDownloader Browser Extension) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2024-05-15] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json] FF Extension: (JavaScript-Java Bridge) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\jsjbridge@advancedcontrols.com.au.xpi [2021-04-11] FF Extension: (7TV) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\moz-addon-prod@7tv.app.xpi [2023-08-29] [UpdateUrl:hxxps://extension.7tv.gg/manifest.moz.json] FF Extension: (Chrome Remote Desktop) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\remotedesktop@google.com.xpi [2021-07-19] [UpdateUrl:hxxps://www.gstatic.com/chromoting/firefox_extension/update.json] FF Extension: (S-CSS-P) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\s-css-p@o5command.com.xpi [2022-11-24] FF Extension: (uBlock Origin) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\uBlock0@raymondhill.net.xpi [2024-08-01] FF Extension: (MetaMask) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\webextension@metamask.io.xpi [2024-08-30] FF Extension: (Augmented Steam) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\{1be309c5-3e4f-4b99-927d-bb500eb4fa88}.xpi [2024-09-20] FF Extension: (Channel Point and Drop Collector) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\{2fe0dc39-e2d5-455a-a59b-619da4387cc0}.xpi [2022-12-29] FF Extension: (Szafir SDK Web) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\{5e118bad-a840-4256-bd31-296194533aac}.xpi [2023-07-14] [UpdateUrl:hxxps://www.elektronicznypodpis.pl/download/webmodule/firefox/updates.json] FF Extension: (TTV LOL PRO) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\{76ef94a4-e3d0-4c6f-961a-d38a429a332b}.xpi [2024-02-27] FF Extension: (Twitch-HLS-Ad-Block) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\{c1e9aa3d-6fce-4c21-8985-531c7bf734d3}.xpi [2020-11-06] FF Extension: (Sound Booster) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\{ccd7d166-0f6a-4e26-a8e8-d51713924571}.xpi [2023-07-16] FF Extension: (Flag Cookies) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\{d8d0bc2b-45c2-404d-bb00-ce54305fc39c}.xpi [2024-02-09] FF Extension: (TTV LOL) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\{f4461878-c744-4acf-871a-8311588d35ce}.xpi [2022-11-23] FF Extension: (42FM) - C:\Users\Kula\AppData\Roaming\Mozilla\Firefox\Profiles\79j20mx1.default-release\Extensions\{f68ef10c-b969-4023-8477-287af1b78e45}.xpi [2023-07-08] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-31] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-31] (Adobe Inc. -> ) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Brak podpisu cyfrowego] FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-03-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-03-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-4118281393-334457590-4262429159-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Kula\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) StartMenuInternet: Firefox-6F193CCC56814779 - C:\Program Files\Firefox Nightly\firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default [2024-02-16] CHR Extension: (Prezentacje) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-21] CHR Extension: (Dokumenty) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-14] CHR Extension: (Dysk Google) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-04] CHR Extension: (YouTube) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-21] CHR Extension: (Arkusze) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-21] CHR Extension: (Dokumenty Google offline) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-18] CHR Extension: (Chrome Remote Desktop) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-09-18] CHR Extension: (Auto Claim Twitch Channel Points) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfkamlikjbpcgjcdicpjaofammhfgjjh [2023-09-18] CHR Extension: (Automatic Twitch: Drops, Moments and Points) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfhgpagdjjoieckminnmigmpeclkdmjm [2023-09-18] CHR Extension: (Patreon Downloader) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnfjhjpninhcccbahcdbcphpifofoajc [2024-02-16] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-04] CHR Extension: (Gmail) - C:\Users\Kula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-04] Opera: ======= OPR DefaultProfile: Default ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.) S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2568840 2024-06-07] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-06-17] (BattlEye Innovations e.K. -> ) R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\129.0.6668.14\remoting_host.exe [73832 2024-08-23] (Google LLC -> Google LLC) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600672 2020-03-03] (Microsoft Corporation -> Microsoft Corporation) S2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [Brak podpisu cyfrowego] S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-07-08] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [954704 2024-07-01] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-18] (Epic Games Inc. -> Epic Games, Inc.) S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2332496 2024-07-16] (GOG sp. z o.o -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7180624 2024-07-16] (GOG sp. z o.o -> GOG.com) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-08-04] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-26] (Malwarebytes Inc. -> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-26] (Microsoft Windows Publisher -> Microsoft Corporation) S3 mracsvc; C:\Windows\System32\mracsvc.exe [20536992 2020-12-12] (Mail.Ru LLC -> LLC Mail.Ru) S3 myacsvc; C:\WINDOWS\System32\myacsvc.exe [29451512 2023-11-23] (MY.GAMES B.V. -> MY.GAMES B.V.) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation) S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> ) R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-04-25] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-04-25] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2388744 2024-08-29] (Overwolf Ltd -> Overwolf LTD) S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [146688 2024-09-07] (Facebook Technologies, LLC -> Facebook Technologies, LLC) R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [418048 2024-09-07] (Facebook Technologies, LLC -> Facebook Technologies, LLC) S2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2021-07-01] (Even Balance, Inc. -> ) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1676696 2021-03-16] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522096 2024-08-29] (Microsoft Windows Publisher -> Microsoft Corporation) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9614144 2024-03-06] (Riot Games, Inc. -> Riot Games, Inc.) S2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [11367296 2024-06-10] (Virtual Desktop, Inc -> Virtual Desktop, Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-26] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-26] (Microsoft Windows Publisher -> Microsoft Corporation) S2 ZeroTierOneService; C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe [6207056 2022-04-11] (ZeroTier, Inc. -> ) S3 Origin Client Service; "C:\Program Files (x86)\Origin\OriginClientService.exe" [X] S2 Origin Web Helper Service; "C:\Program Files (x86)\Origin\OriginWebHelperService.exe" [X] S2 Wallpaper Engine Service; "B:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe" -x64 [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [2198632 2024-09-17] (Microsoft Windows Hardware Compatibility Publisher -> ANTICHEATEXPERT.COM) S3 atvi-randgrid; C:\ProgramData\Battle.net_components\randgridauks\randgrid.sys [2513192 2022-11-17] (Activision Publishing Inc -> Activision Blizzard, Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [287232 2022-06-16] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2022-04-13] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [33592 2020-03-17] (DEV47 APPS -> Dev47Apps) R3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [229432 2020-03-17] (DEV47 APPS -> Dev47Apps) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 iriuna0; C:\WINDOWS\system32\drivers\iriuna0.sys [46976 2021-04-06] (Iriun Oy -> Windows (R) Win 7 DDK provider) R3 iriunvid; C:\WINDOWS\System32\DriverStore\FileRepository\iriunvid.inf_amd64_1abe69abaf98b7f7\iriunvid.sys [157568 2021-05-01] (Iriun Oy -> Windows (R) Win 7 DDK provider) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [135600 2021-08-08] (Shenzhen Yibo Digital Systems Development Co., Ltd. -> EZB Systems, Inc.) S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2021-02-13] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2023-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-10-06] (Malwarebytes Inc. -> Malwarebytes) R3 MpKsle2b1b165; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{64B20D0E-9ED2-4D4E-9CEF-D2A0C01ABBE7}\MpKslDrv.sys [271640 2024-09-16] (Microsoft Windows -> Microsoft Corporation) S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [19767024 2020-12-12] (Mail.Ru LLC -> LLC Mail.Ru) S3 myacdrv; C:\WINDOWS\System32\drivers\myacdrv1.sys [28784176 2023-11-23] (Microsoft Windows Hardware Compatibility Publisher -> MY.GAMES B.V.) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation) R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [73400 2024-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2021-04-13] (Oculus VR, LLC -> Facebook Inc.) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> ) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R3 vdvad_WaveExtensible; C:\WINDOWS\System32\drivers\vdvad.sys [44936 2024-05-24] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) R3 vdvge; C:\WINDOWS\System32\drivers\vdvge.sys [75832 2024-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Virtual Desktop, Inc.) R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [21861160 2024-02-22] (Riot Games, Inc. -> Riot Games, Inc.) R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2022-04-21] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-08-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602504 2024-08-26] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-26] (Microsoft Windows -> Microsoft Corporation) R3 wovad_micarray; C:\WINDOWS\system32\drivers\womic.sys [34496 2020-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 xhunter1; C:\WINDOWS\xhunter1.sys [2719256 2021-02-01] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 zttap300; C:\WINDOWS\System32\drivers\zttap300.sys [31744 2020-11-24] (Microsoft Windows Hardware Compatibility Publisher -> ZeroTier Networks LLC) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-09-20 19:15 - 2024-09-20 19:15 - 000001706 _____ C:\Users\Kula\Desktop\Malwarebytes Raport ze skanowania 2024-09-20 170109.txt 2024-09-20 18:35 - 2024-09-20 18:35 - 000000463 _____ C:\Users\Public\Desktop\Play Frostpunk 2.lnk 2024-09-20 18:35 - 2024-09-20 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frostpunk 2 2024-09-19 15:14 - 2024-09-20 23:55 - 000000000 ____D C:\FRST 2024-09-19 12:15 - 2024-09-19 12:18 - 000850937 _____ C:\Users\Kula\Desktop\Matura.jpeg 2024-09-18 19:38 - 2024-09-18 20:56 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-09-17 22:47 - 2024-09-17 22:47 - 000000000 ____D C:\Users\Kula\AppData\Local\11bitstudios 2024-09-17 21:08 - 2024-09-17 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2024-09-14 20:09 - 2024-09-14 20:09 - 000000222 _____ C:\Users\Kula\Desktop\Among Us.url 2024-09-09 13:08 - 2024-09-09 13:08 - 000000000 ____D C:\Users\Kula\Documents\8e4f8dc250364e30aef276555bba1734 2024-09-07 11:02 - 2024-09-07 11:02 - 000000000 ____D C:\Users\Kula\Documents\Moria 2024-09-07 11:01 - 2024-09-07 11:01 - 000000000 ____D C:\Users\Public\Documents\Epic 2024-09-07 11:01 - 2024-09-07 11:01 - 000000000 ____D C:\Users\Kula\AppData\Local\Moria 2024-09-02 00:32 - 2024-09-02 00:32 - 000000000 ____D C:\Users\Kula\AppData\Local\SDLauncher 2024-09-02 00:27 - 2024-09-17 22:48 - 000000000 ____D C:\Users\Public\mod.io 2024-09-02 00:27 - 2024-09-07 12:29 - 000000000 ____D C:\Users\Kula\AppData\Local\sins2 2024-09-02 00:23 - 2024-09-02 00:23 - 000001348 _____ C:\Users\Kula\Desktop\Sins of a Solar Empire II.lnk 2024-09-02 00:23 - 2024-09-02 00:23 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2024-09-02 00:14 - 2024-09-02 00:14 - 000000000 ____D C:\Program Files (x86)\by Decepticon 2024-08-30 00:06 - 2024-08-30 00:06 - 000000000 ____D C:\Users\Kula\AppData\Roaming\arco 2024-08-29 14:59 - 2024-08-29 14:59 - 000000000 ___HD C:\$WinREAgent 2024-08-27 22:58 - 2024-09-19 16:22 - 000000722 _____ C:\Users\Public\Desktop\Battlestate Games Launcher.lnk 2024-08-26 20:37 - 2024-08-26 21:21 - 000000000 ____D C:\Users\Kula\AppData\Roaming\arena_breakout_infinite_launcher 2024-08-26 20:36 - 2024-08-26 20:36 - 000001364 _____ C:\Users\Kula\AppData\Roaming\arena_breakout_infinite_launcher.reg 2024-08-26 20:36 - 2024-08-26 20:36 - 000001156 _____ C:\Users\Public\Desktop\Arena Breakout Infinite.lnk 2024-08-26 20:36 - 2024-08-26 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arena Breakout Infinite 2024-08-26 20:31 - 2024-08-26 20:31 - 000000000 ____D C:\Users\Kula\AppData\Local\ArenaBreakoutInfiniteMiniloader 2024-08-23 18:06 - 2024-08-23 18:07 - 000025694 _____ C:\Users\Kula\Documents\Zakażenia Szpitalne Eliza Stachańska.odt 2024-08-23 17:39 - 2024-08-23 17:39 - 000023746 _____ C:\Users\Kula\Documents\Zakażenia szpitalne.odt ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-09-20 23:53 - 2022-02-09 18:44 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-09-20 23:52 - 2021-04-13 18:16 - 000000000 ____D C:\Program Files\Oculus 2024-09-20 23:52 - 2021-04-13 15:54 - 000000000 ____D C:\Users\Kula\AppData\Local\Oculus 2024-09-20 23:52 - 2019-05-31 13:20 - 000000000 ____D C:\Program Files (x86)\Steam 2024-09-20 23:52 - 2019-05-31 13:01 - 000000000 ____D C:\Users\Kula\AppData\Roaming\Discord 2024-09-20 23:52 - 2019-05-31 12:43 - 000000000 ____D C:\ProgramData\NVIDIA 2024-09-20 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-09-20 23:40 - 2023-09-23 23:10 - 000000000 ____D C:\Users\Kula\AppData\Local\Malwarebytes 2024-09-20 23:20 - 2019-05-31 13:01 - 000000000 ____D C:\Users\Kula\AppData\Local\Discord 2024-09-20 19:21 - 2020-09-25 22:37 - 000000000 ____D C:\Users\Kula\AppData\Local\D3DSCache 2024-09-20 19:15 - 2020-09-25 21:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-09-20 19:01 - 2021-12-17 03:34 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-09-20 18:23 - 2020-03-19 11:52 - 000000000 ____D C:\Users\Kula\AppData\Roaming\qBittorrent 2024-09-19 16:22 - 2022-07-12 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games 2024-09-19 12:09 - 2019-05-31 16:26 - 000000000 ___RD C:\Users\Kula\Documents\Scanned Documents 2024-09-18 21:30 - 2023-10-08 12:45 - 000000222 _____ C:\Users\Kula\Desktop\Conqueror's Blade.url 2024-09-18 21:30 - 2020-01-22 22:02 - 000000000 ____D C:\Users\Kula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-09-18 20:56 - 2021-02-26 17:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2024-09-18 20:56 - 2019-05-31 12:52 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-09-18 20:56 - 2019-05-31 12:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-09-17 22:48 - 2024-06-15 21:28 - 000000000 ____D C:\Users\Kula\AppData\Local\mod.io 2024-09-17 21:09 - 2020-03-19 11:52 - 000000000 ____D C:\Users\Kula\AppData\Local\qBittorrent 2024-09-17 21:08 - 2020-03-19 11:52 - 000000000 ____D C:\Program Files\qBittorrent 2024-09-17 20:17 - 2020-02-29 01:18 - 000000000 ____D C:\Users\Kula\AppData\Local\JDownloader 2.0 2024-09-17 15:07 - 2023-06-11 22:02 - 002198632 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-BASE.sys 2024-09-17 15:01 - 2024-02-21 11:35 - 000000000 ____D C:\Users\Kula\Desktop\Zdjęcia 2024-09-17 14:54 - 2019-07-29 23:24 - 000000000 ____D C:\Users\Kula\Desktop\Nowy folder (2) 2024-09-16 18:46 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-09-16 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-09-16 17:35 - 2022-09-13 10:15 - 000000000 ____D C:\Users\Kula\AppData\Roaming\com.adobe.dunamis 2024-09-16 17:35 - 2019-05-31 23:18 - 000000000 ____D C:\Users\Kula\AppData\Local\Adobe 2024-09-16 17:35 - 2019-05-31 12:37 - 000000000 ____D C:\Users\Kula\AppData\Roaming\Adobe 2024-09-16 17:21 - 2020-09-25 21:33 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-09-16 17:20 - 2023-01-16 22:13 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-09-16 17:20 - 2022-10-13 18:03 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-09-16 17:20 - 2020-08-27 10:37 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-09-14 22:22 - 2021-04-13 18:20 - 000000000 ____D C:\Users\Kula\AppData\Roaming\OculusClient 2024-09-14 21:30 - 2019-06-01 10:46 - 000000000 ____D C:\Users\Kula\AppData\Local\CrashDumps 2024-09-14 20:16 - 2020-10-10 11:58 - 000000000 ____D C:\Users\Kula\AppData\LocalLow\Unity 2024-09-13 13:25 - 2021-04-13 15:36 - 000000000 ____D C:\ProgramData\Virtual Desktop 2024-09-13 13:19 - 2021-10-13 14:33 - 000000000 ____D C:\Users\Kula\AppData\Roaming\Code 2024-09-12 09:59 - 2019-05-31 13:01 - 000002238 _____ C:\Users\Kula\Desktop\Discord.lnk 2024-09-09 12:50 - 2020-09-17 15:25 - 000000000 ____D C:\Users\Public\Documents\OnlineFix 2024-09-09 08:23 - 2020-09-25 21:33 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-09-09 08:23 - 2020-09-25 21:33 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-09-05 10:03 - 2020-09-25 21:37 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-09-05 10:03 - 2019-12-07 17:09 - 000784340 _____ C:\WINDOWS\system32\perfh015.dat 2024-09-05 10:03 - 2019-12-07 17:09 - 000152236 _____ C:\WINDOWS\system32\perfc015.dat 2024-09-05 10:03 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2024-09-05 09:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2024-09-05 01:04 - 2020-09-25 21:28 - 000000000 ____D C:\Users\Kula 2024-09-04 21:20 - 2020-04-05 10:46 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2024-09-04 21:17 - 2020-09-25 21:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-09-04 21:17 - 2020-09-25 21:26 - 000008192 ___SH C:\DumpStack.log.tmp 2024-09-04 11:32 - 2023-01-05 13:51 - 000000000 ____D C:\Users\Kula\Desktop\Faktury 2024-09-02 00:23 - 2024-08-14 00:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by Decepticon 2024-09-01 20:29 - 2022-09-15 00:29 - 000000000 ____D C:\Program Files (x86)\Overwolf 2024-09-01 15:30 - 2024-02-18 22:58 - 000284224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll 2024-09-01 15:30 - 2022-10-20 10:57 - 000124344 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe 2024-09-01 15:30 - 2022-10-20 10:57 - 000075192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe 2024-09-01 15:30 - 2021-11-23 20:44 - 000210360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2024-09-01 15:30 - 2020-05-26 17:27 - 002799144 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2024-09-01 15:30 - 2020-05-26 17:27 - 000783912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2024-09-01 15:30 - 2020-05-26 17:27 - 000243240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2024-09-01 15:30 - 2020-05-26 17:27 - 000149032 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2024-08-30 14:01 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2024-08-30 14:00 - 2020-09-25 21:26 - 000642248 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-08-30 13:59 - 2019-12-07 17:12 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents 2024-08-30 13:59 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2024-08-30 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-08-29 15:08 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-08-29 15:05 - 2020-09-25 21:28 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-08-26 21:20 - 2019-05-31 12:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd ==================== Pliki w katalogu głównym wybranych folderów ======== 2023-11-28 17:13 - 2024-04-19 23:27 - 000000000 _____ () C:\ProgramData\vstdlib_s.dll 2022-01-19 14:38 - 2022-01-19 14:38 - 000047031 _____ () C:\Program Files (x86)\LostLight_license.htm 2019-11-27 09:19 - 2019-11-27 09:19 - 000000046 _____ () C:\Users\Kula\AppData\Roaming\.crystalinst 2021-11-21 12:15 - 2022-06-15 11:59 - 000000032 _____ () C:\Users\Kula\AppData\Roaming\.machineId 2024-08-26 20:36 - 2024-08-26 20:36 - 000001364 _____ () C:\Users\Kula\AppData\Roaming\arena_breakout_infinite_launcher.reg 2022-06-19 13:51 - 2022-06-25 14:40 - 000000118 _____ () C:\Users\Kula\AppData\Roaming\BattleBitConfig.ini 2022-06-10 00:50 - 2022-06-10 00:50 - 000004552 _____ () C:\Users\Kula\AppData\Roaming\dfcc6eaa-843c-401f-8f8c-db6ad23834f7.tmp 2022-11-28 19:34 - 2022-11-28 19:34 - 000012288 _____ () C:\Users\Kula\AppData\Roaming\emp.bin 2024-07-01 15:45 - 2024-07-01 15:45 - 000000033 _____ () C:\Users\Kula\AppData\Local\76561198011871975_pilgriminfo.txt 2021-02-09 18:43 - 2024-04-30 21:39 - 000007589 _____ () C:\Users\Kula\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================