Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 18-03-2025 Uruchomiony przez Sa1goN (administrator) DESKTOP-0IF0R9F (Micro-Star International Co., Ltd MS-7B86) (21-03-2025 22:34:14) Uruchomiony z C:\Users\Sa1goN\Downloads\FRST64.exe Załadowane profile: Sa1goN Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.5608 (X64) Język: Angielski (Stany Zjednoczone) -> Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.50.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe (C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Nahimic\NahimicMonitorX64.exe (C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe (C:\Program Files\Google\Play Games Services\25.3.384.0\Service\GooglePlayGamesServices.exe ->) (Google LLC -> ) C:\Program Files\Google\Play Games Services\25.3.384.0\Service\data\windows.assets\crashpad_handler.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe (Discord Inc. -> Discord Inc.) C:\Users\Sa1goN\AppData\Local\Discord\app-1.0.9186\Discord.exe <6> (DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\WINDOWS\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\atieclxx.exe (ESET, spol. s r.o. -> ESET) C:\Users\Sa1goN\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <62> (explorer.exe ->) (ResolveDevOps Limited -> ResolveDevOps Limited) C:\Users\Sa1goN\AppData\Roaming\ProductAuthenticationService\pas.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\Taskmgr.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\WINDOWS\System32\amdfendrsr.exe (services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\WINDOWS\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\atiesrxx.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (services.exe ->) (Google LLC -> Google) C:\Program Files\Google\Play Games Services\25.3.384.0\Service\GooglePlayGamesServices.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_3efa186d0d770b7a\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_da20c535c8dde220\RtkAudUService64.exe <2> (services.exe ->) (SteelSeries France SASU -> Nahimic) C:\WINDOWS\System32\NahimicService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (sihost.exe ->) (CACCD12F-7BFA-4346-AD14-30B4E275348F -> Hewlett-Packard Development Company, L.P.) C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.28.1.0_x64__0a78dr3hq0pvt\Assets\Native\NGenuity2Helper.exe (SteelSeries France SASU -> A-Volute) C:\Users\Sa1goN\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.4.0_x64__w2gh52qy24etm\Nahimic3.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Sa1goN\AppData\Local\Microsoft\OneDrive\25.035.0223.0003\FileCoAuth.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2501.9.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\SysWOW64\wbem\WmiPrvSE.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe (svchost.exe ->) (SteelSeries France SASU -> Nahimic) C:\WINDOWS\System32\NahimicSvc64.exe (svchost.exe ->) (SteelSeries France SASU -> Nahimic) C:\WINDOWS\SysWOW64\NahimicSvc32.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_da20c535c8dde220\RtkAudUService64.exe [2115032 2024-06-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-12-04] (Oracle America, Inc. -> Oracle Corporation) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4693088 2025-03-11] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\...\Run: [Discord] => C:\Users\Sa1goN\AppData\Local\Discord\Update.exe [1525024 2023-11-13] (Discord Inc. -> GitHub) HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\...\Run: [EpicGamesLauncher] => F:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37093392 2025-03-18] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (Brak pliku) HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\...\Run: [SteamServerBrowser] => C:\Users\Sa1goN\AppData\Roaming\SteamServerBrowser\SteamServerBrowser.exe [289304 2023-01-20] (Lyrha Software Technologies Inc. -> ) HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\...\Run: [ProductAuthenticationService] => C:\Users\Sa1goN\AppData\Roaming\ProductAuthenticationService\pas.exe [1004072 2019-05-07] (ResolveDevOps Limited -> ResolveDevOps Limited) <==== UWAGA HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (Brak pliku) HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\...\Run: [AF_uuid_2139460] => 4fe19163-78a2-4158-9931-7d1fa3f28896 (Brak pliku) HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\...\Run: [AF_counter_2139460] => 13 (Brak pliku) HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3656800 2025-03-20] (Electronic Arts, Inc. -> Electronic Arts) HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109080 2018-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\134.0.6998.118\Installer\chrmstp.exe [2025-03-20] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0c178358-0b8e-41b2-80ab-bffd2ae8db47} - Brak ścieżki do pliku. <==== UWAGA Task: {442bd077-8a00-4607-9206-eadd19a3fbdc} - Brak ścieżki do pliku. <==== UWAGA Task: {67a7c01a-3fbb-4411-887d-57863f391add} - Brak ścieżki do pliku. <==== UWAGA Task: {7c0fde84-cdc0-4af9-a05c-38bd9e90facf} - Brak ścieżki do pliku. <==== UWAGA Task: {833d8e30-baad-4351-80e8-2e8e43b2028f} - Brak ścieżki do pliku. <==== UWAGA Task: {b209827f-cc89-49ff-adcb-35da4eade87c} - Brak ścieżki do pliku. <==== UWAGA Task: {b6196886-32b8-4ea7-ab03-aa413a7de25b} - Brak ścieżki do pliku. <==== UWAGA Task: {c4f3a9b3-ebd8-46ea-a833-73871eb137f4} - Brak ścieżki do pliku. <==== UWAGA Task: {c915dc4d-c7de-4f7a-bed8-5ff0fd00d2f0} - Brak ścieżki do pliku. <==== UWAGA Task: {e20a8b85-a975-435c-b858-57c5a55747b8} - Brak ścieżki do pliku. <==== UWAGA Task: {127B695B-6544-4641-AAF2-E77A677651E6} - System32\Tasks\Esportal Game Manager => C:\Users\Sa1goN\AppData\Local\Esportal\esportal-updater.exe [8065216 2025-01-28] (Esportal AB -> Esportal AB) -> C:\Users\Sa1goN\AppData\Local\Esportal\$(Arg0) Task: {E25958A1-9D17-47AB-944E-4CD2B0BF9F45} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [375392 2025-03-14] (Google LLC -> Google LLC) Task: {FC1D37CF-BD60-4703-B7E8-FA5AB67D9634} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.0{BAC4BA9E-D894-4719-BDFC-76726C25201E} => C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.0\updater.exe [5745760 2025-02-19] (Google LLC -> Google LLC) Task: {47BC2D92-24D9-4FD7-997E-88F19732B5EB} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2028693066-2051009854-3453307072-1001 => C:\Users\Sa1goN\AppData\Local\Programs\Messenger\MessengerHelper.exe --lassie (Brak pliku) Task: {D2397A19-1575-4BCD-B24F-44A9EC24D2A2} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2764904 2024-06-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) Task: {656835B0-8483-46C1-8621-B7F3A09DB266} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [1118128 2024-06-20] (SteelSeries France SASU -> Nahimic) Task: {913C33C1-174E-428F-ACBC-9D5807AF389D} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1438128 2024-06-20] (SteelSeries France SASU -> Nahimic) Task: {4E7DBB46-6374-41CF-88CF-ECB44591FD57} - System32\Tasks\NahimicTask32 => C:\WINDOWS\System32\..\SysWOW64\NahimicSvc32.exe [1118128 0] (SteelSeries France SASU -> Nahimic) Task: {5CF60AA6-8109-47FD-AA4B-D11D4AF25AA0} - System32\Tasks\NahimicTask64 => C:\WINDOWS\System32\.\NahimicSvc64.exe [1438128 0] (SteelSeries France SASU -> Nahimic) Task: {692039D2-5880-41CB-8280-4E07D55B0952} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3287072 2025-02-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {54AB217B-7DD2-4E5C-8336-C13A66FAC813} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2028693066-2051009854-3453307072-1001 => C:\Users\Sa1goN\AppData\Local\Microsoft\OneDrive\25.035.0223.0003\OneDriveLauncher.exe [670528 2025-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {909E004A-25D9-45FF-A4A2-72065384B199} - System32\Tasks\Opera scheduled assistant Autoupdate 1696114537 => C:\Users\Sa1goN\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Sa1goN\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {4CCC0AD3-68CA-4EDE-A4AE-9576AC5577FE} - System32\Tasks\Opera scheduled Autoupdate 1696114534 => C:\Users\Sa1goN\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Brak pliku) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 178.235.153.33 178.235.153.32 Tcpip\..\Interfaces\{000c5acf-f262-46be-a11d-20bfeb32cc4b}: [DhcpNameServer] 178.235.153.33 178.235.153.32 Tcpip\..\Interfaces\{998dbacb-8626-4a12-8bd0-19bc3939b60c}: [DhcpNameServer] 178.235.153.33 178.235.153.32 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Sa1goN\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-16] Edge Extension: (Dokumenty Google offline) - C:\Users\Sa1goN\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-02]hxxps://clients2.google.com/service/update2/crx Edge Extension: (Online Security) - C:\Users\Sa1goN\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jcpgbnbdnakoblgfkbgggankeidkfcdl [2025-02-06]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx Edge Extension: (Edge relevant text changes) - C:\Users\Sa1goN\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\dtplugin\npDeployJava1.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\plugin2\npjp2.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default [2025-03-21] CHR Notifications: Default -> hxxps://hellcase.com; hxxps://key-drop.com; hxxps://www.facebook.com; hxxps://www.pyszne.pl; hxxps://www.tiktok.com CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=118722&tt=0213_4&babsrc=HP_ss&mntrId=9847b8c90000000000000024d2cb1660","hxxp://pl.msn.com/?pc=UP97&ocid=UP97DHP" CHR Extension: (Watch2Gether) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2025-01-25]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Steam Inventory Helper) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2025-03-20]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Dokumenty Google offline) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-01]hxxps://clients2.google.com/service/update2/crx CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-03-20]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-03-21]hxxps://clients2.google.com/service/update2/crx CHR Extension: (BotRix) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipeogcankgfdmhlfdomjllhfckklcklf [2025-02-11]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Online Security) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2025-02-05]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Repeek (formerly FACEIT Enhancer)) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\mokknliiomknodkdmpcellamkopbdmao [2025-02-20]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Monica: ChatGPT AI Assistant | DeepSeek, GPT-4o, Claude 3.5, o1 &More) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpnmcalabcbjgholdjcjblkibolbppb [2025-03-01]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Faceit elo statistics) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcjdjdkfffipjalaneimnjnogbajden [2023-03-20]hxxps://clients2.google.com/service/update2/crx CHR Extension: (FACEIT Predictor) - C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Default\Extensions\plbhidhbocjfalcpofamaklaeecpplkd [2022-09-17]hxxps://clients2.google.com/service/update2/crx CHR Profile: C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-08-19] CHR Profile: C:\Users\Sa1goN\AppData\Local\Google\Chrome\User Data\System Profile [2025-01-26] CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKU\S-1-5-21-2028693066-2051009854-3453307072-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppShellElevationService; C:\Program Files\TikTok LIVE Studio\0.79.2\elevation_service.exe [1970264 2025-03-06] (TikTok Pte. Ltd. -> The Chromium Authors) R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19026528 2025-03-20] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136552 2024-08-22] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [954704 2025-02-10] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicGamesUpdater; F:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3064848 2025-03-18] (Epic Games Inc. -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [367064 2024-11-23] (Epic Games Inc. -> Epic Games, Inc.) S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [84740840 2025-03-21] (ESL FACEIT Group Ltd. -> ) S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [635968 2024-03-18] (Gameforge 4D GmbH -> ) R2 GooglePlayGamesServices-25.3.384.0; C:\Program Files\Google\Play Games Services\25.3.384.0\Service\GooglePlayGamesServices.exe [517216 2025-03-14] (Google LLC -> Google) R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [92768 2023-05-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9484384 2025-03-21] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-03-21] (Malwarebytes Inc. -> Malwarebytes) S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [134160 2025-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [1137168 2025-02-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [41064 2024-04-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) R2 NahimicService; C:\WINDOWS\System32\NahimicService.exe [1910704 2024-06-20] (SteelSeries France SASU -> Nahimic) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_3efa186d0d770b7a\Display.NvContainer\NVDisplay.Container.exe [1275568 2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation) S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [69864 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559328 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54720 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc) S3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\amdkmdag.sys [94467928 2023-04-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider) S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [43944 2013-06-04] (BoiseTest -> Microsoft Corporation) S1 EspoDriver; C:\Windows\system32\drivers\EspoDriver.sys [6094776 2021-03-25] (Esportal AB -> ) S1 esportal-bt-0; C:\WINDOWS\system32\drivers\esportal-bt-0.sys [40835392 2025-01-28] (Esportal AB -> ) S3 esportal-rt-drv; C:\WINDOWS\system32\drivers\esportal-rt-drv.sys [15630120 2025-01-28] (Esportal AB -> ) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2025-03-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R1 FACEIT; C:\Program Files\FACEIT AC\FACEIT_AC.sys [103399608 2025-03-21] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 googlehaxm; C:\WINDOWS\system32\drivers\GoogleHaxm.sys [234712 2025-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Google) R3 iriuna0; C:\WINDOWS\system32\drivers\iriuna0.sys [46976 2020-10-29] (Iriun Oy -> Windows (R) Win 7 DDK provider) S3 iriunv0; C:\WINDOWS\System32\DriverStore\FileRepository\iriunvid.inf_amd64_58518cc843573ae0\iriunv0.sys [38272 2020-09-21] (Iriun Oy -> Windows (R) Win 7 DDK provider) R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278944 2025-03-06] (Microsoft Windows -> Microsoft Corporation) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-03-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [202856 2025-03-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80448 2025-03-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-03-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2025-03-21] (Malwarebytes Inc. -> Malwarebytes) R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [95896 2024-05-16] (A-Volute SAS -> Windows (R) Win 7 DDK provider) R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32592 2024-09-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [32488 2023-11-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48800 2022-02-23] (SteelSeries ApS -> SteelSeries ApS) S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2021-04-03] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20016 2025-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [601520 2025-03-06] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-06] (Microsoft Windows -> Microsoft Corporation) S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [X] <==== UWAGA S3 HWiNFO_174; \??\C:\Users\Sa1goN\AppData\Local\Temp\HWiNFO64A_174.SYS [X] <==== UWAGA S3 NEProtect; \??\D:\SteamLibrary\steamapps\common\Once Human\NEProtect.sys [X] S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2025-03-21 22:33 - 2025-03-21 22:33 - 000046175 _____ C:\Users\Sa1goN\Downloads\Shortcut.txt 2025-03-21 22:32 - 2025-03-21 22:33 - 000088249 _____ C:\Users\Sa1goN\Downloads\Addition.txt 2025-03-21 22:31 - 2025-03-21 22:34 - 000028898 _____ C:\Users\Sa1goN\Downloads\FRST.txt 2025-03-21 22:31 - 2025-03-21 22:34 - 000000000 ____D C:\FRST 2025-03-21 22:31 - 2025-03-21 22:31 - 002404352 _____ (Farbar) C:\Users\Sa1goN\Downloads\FRST64.exe 2025-03-21 22:06 - 2025-03-21 22:06 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2025-03-21 22:03 - 2025-03-21 22:33 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\Malwarebytes 2025-03-21 22:03 - 2025-03-21 22:03 - 000001277 _____ C:\Users\Sa1goN\Desktop\ESET Online Scanner.lnk 2025-03-21 22:02 - 2025-03-21 22:03 - 000001383 _____ C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2025-03-21 22:02 - 2025-03-21 22:02 - 008412528 _____ (ESET) C:\Users\Sa1goN\Downloads\esetonlinescanner.exe 2025-03-21 22:02 - 2025-03-21 22:02 - 002834160 _____ (Malwarebytes) C:\Users\Sa1goN\Downloads\MBSetup.exe 2025-03-21 22:02 - 2025-03-21 22:02 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2025-03-21 22:02 - 2025-03-21 22:02 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2025-03-21 22:02 - 2025-03-21 22:02 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\ESET 2025-03-21 22:02 - 2025-03-21 22:02 - 000000000 ____D C:\ProgramData\Malwarebytes 2025-03-21 22:02 - 2025-03-21 22:02 - 000000000 ____D C:\Program Files\Malwarebytes 2025-03-20 19:40 - 2025-03-20 19:40 - 000321328 _____ C:\Users\Sa1goN\Desktop\smoke_yelolow_ivy.webp 2025-03-19 20:09 - 2025-03-19 20:09 - 050439624 _____ C:\Users\Sa1goN\Downloads\Caffeinated-Installer (1).exe 2025-03-19 20:09 - 2025-03-19 20:09 - 000000000 ____D C:\Program Files\Casterlabs Caffeinated 2025-03-16 01:22 - 2025-03-16 01:22 - 000000334 _____ C:\Users\Sa1goN\Desktop\Mortal Shell.url 2025-03-15 01:05 - 2025-03-15 01:05 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CapCut 2025-03-11 19:27 - 2025-03-11 19:27 - 000000000 ___HD C:\$WinREAgent 2025-03-08 20:10 - 2025-03-08 20:10 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\app_shell_cache_8311 2025-03-08 00:49 - 2025-03-08 00:49 - 000001434 _____ C:\Users\Public\Desktop\NVIDIA.lnk 2025-03-05 22:44 - 2025-03-05 22:44 - 002089984 _____ C:\Users\Sa1goN\Downloads\BlurBustersStrobeUtilitySetup_v209 (2).msi 2025-03-05 22:44 - 2025-03-05 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blur Busters 2025-03-05 22:44 - 2025-03-05 22:44 - 000000000 ____D C:\Program Files (x86)\Blur Busters 2025-03-05 22:39 - 2025-03-05 22:39 - 002089984 _____ C:\Users\Sa1goN\Downloads\BlurBustersStrobeUtilitySetup_v209 (1).msi 2025-03-05 22:37 - 2025-03-05 22:37 - 002089984 _____ C:\Users\Sa1goN\Downloads\BlurBustersStrobeUtilitySetup_v209.msi 2025-03-03 19:09 - 2025-03-03 19:09 - 000000000 ____D C:\Program Files\AMD 2025-03-03 19:08 - 2025-03-04 09:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2025-03-03 19:08 - 2025-03-03 19:08 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Sun 2025-03-03 19:08 - 2025-03-03 19:08 - 000000000 ____D C:\Program Files\Java 2025-03-03 19:08 - 2024-12-04 08:34 - 000213120 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2025-03-03 09:42 - 2025-03-13 21:05 - 000008192 ___SH C:\DumpStack.log.tmp 2025-02-28 11:35 - 2025-03-06 12:06 - 000000000 ____D C:\Users\Sa1goN\Desktop\Dokumenty medyczne 2025-02-23 06:35 - 2025-02-23 06:35 - 000003293 _____ C:\Users\Sa1goN\AppData\Local\recently-used.xbel 2025-02-23 01:41 - 2025-02-28 11:23 - 000000000 ____D C:\Program Files (x86)\Razer 2025-02-23 01:41 - 2025-02-23 01:41 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SecureUSBVideo_02_23_00.Wdf 2025-02-23 01:41 - 2025-02-23 01:41 - 000000000 ____D C:\ProgramData\Razer 2025-02-23 01:41 - 2023-06-16 07:33 - 000161920 _____ (Razer Inc) C:\WINDOWS\system32\RazerS3CoinstallerEx.dll 2025-02-23 01:41 - 2021-08-31 02:02 - 000079840 _____ (Razer Inc) C:\WINDOWS\system32\RazerS3Coinstaller.dll ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2025-03-21 22:18 - 2021-03-22 02:23 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\FACEIT 2025-03-21 22:18 - 2021-01-13 22:16 - 000000000 ____D C:\Program Files (x86)\Steam 2025-03-21 22:13 - 2021-06-04 17:32 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\obs-studio 2025-03-21 22:02 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2025-03-21 22:02 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2025-03-21 21:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-03-21 21:51 - 2021-01-13 20:15 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\Steam 2025-03-21 21:36 - 2023-11-24 22:53 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\Discord 2025-03-21 21:04 - 2023-01-28 12:50 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\FACEIT 2025-03-21 21:03 - 2021-03-24 00:50 - 000000000 ____D C:\Program Files\FACEIT AC 2025-03-21 21:00 - 2021-01-13 20:30 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\discord 2025-03-21 20:57 - 2021-04-03 07:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2025-03-21 20:47 - 2021-01-13 20:39 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\D3DSCache 2025-03-21 20:45 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2025-03-21 20:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2025-03-21 20:36 - 2021-01-13 19:59 - 000000000 ___RD C:\Users\Sa1goN\OneDrive 2025-03-21 01:13 - 2021-01-13 20:10 - 000000000 ____D C:\ProgramData\NVIDIA 2025-03-21 00:04 - 2025-02-11 00:20 - 000000000 ____D C:\WINDOWS\system32\SteelSeries 2025-03-21 00:02 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2025-03-20 23:44 - 2022-01-11 02:28 - 000000000 ____D C:\WINDOWS\SystemTemp 2025-03-20 23:44 - 2021-01-13 22:28 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2025-03-20 23:44 - 2021-01-13 22:28 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2025-03-20 19:17 - 2025-01-25 02:59 - 000000000 ____D C:\ProgramData\EA Desktop 2025-03-19 20:11 - 2025-01-30 23:39 - 000001246 _____ C:\Users\Sa1goN\Desktop\Casterlabs Caffeinated.lnk 2025-03-17 19:41 - 2021-06-08 18:21 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\slobs-client 2025-03-17 19:40 - 2025-02-04 21:27 - 000003578 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2028693066-2051009854-3453307072-1001 2025-03-17 19:40 - 2021-12-21 22:38 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2028693066-2051009854-3453307072-1001 2025-03-17 19:40 - 2021-04-03 07:15 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2028693066-2051009854-3453307072-1001 2025-03-17 19:40 - 2021-04-03 07:12 - 000002430 _____ C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2025-03-16 21:08 - 2021-01-13 19:56 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-03-16 01:22 - 2024-03-02 20:57 - 000000000 ____D C:\Users\Sa1goN\Documents\My Games 2025-03-15 22:35 - 2021-01-13 22:16 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\CrashDumps 2025-03-15 01:05 - 2023-09-26 23:04 - 000001362 _____ C:\Users\Sa1goN\Desktop\CapCut.lnk 2025-03-13 21:09 - 2021-04-03 17:01 - 000784314 _____ C:\WINDOWS\system32\perfh015.dat 2025-03-13 21:09 - 2021-04-03 17:01 - 000152236 _____ C:\WINDOWS\system32\perfc015.dat 2025-03-13 21:09 - 2021-04-03 07:21 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2025-03-13 21:06 - 2021-05-14 22:42 - 000003108 _____ C:\WINDOWS\system32\Tasks\NahimicTask32 2025-03-13 21:06 - 2021-05-14 22:42 - 000003088 _____ C:\WINDOWS\system32\Tasks\NahimicTask64 2025-03-13 21:06 - 2021-04-03 07:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2025-03-13 21:06 - 2021-04-03 07:12 - 000268504 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2025-03-13 21:06 - 2021-01-13 22:47 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2025-03-13 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2025-03-13 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2025-03-13 21:05 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2025-03-13 20:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2025-03-13 20:28 - 2021-01-13 22:56 - 000002252 _____ C:\Users\Sa1goN\Desktop\Discord.lnk 2025-03-11 22:08 - 2023-10-13 19:36 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\tikfinity 2025-03-11 19:34 - 2025-01-27 02:27 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\undetected_chromedriver 2025-03-08 23:27 - 2023-09-26 23:03 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\CapCut 2025-03-08 20:17 - 2023-09-16 18:32 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\TikTok LIVE Studio 2025-03-08 20:11 - 2023-09-16 18:32 - 000000000 ____D C:\Program Files\TikTok LIVE Studio 2025-03-08 20:03 - 2025-01-22 14:03 - 000000000 ____D C:\ProgramData\obs-studio 2025-03-08 00:49 - 2024-12-18 12:01 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2025-03-08 00:49 - 2021-01-13 20:10 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\NVIDIA Corporation 2025-03-08 00:49 - 2021-01-13 20:10 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2025-03-06 22:48 - 2021-04-03 07:15 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2025-03-06 22:48 - 2021-04-03 07:15 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2025-03-06 12:08 - 2021-01-14 04:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2025-03-06 12:00 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2025-03-06 12:00 - 2019-12-07 10:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2025-03-06 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2025-03-06 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2025-03-06 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2025-03-06 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2025-03-06 12:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2025-03-05 22:45 - 2021-04-03 07:14 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2025-03-05 20:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2025-03-05 19:17 - 2022-05-07 10:06 - 000000000 ___HD C:\$WINDOWS.~BT 2025-03-04 09:20 - 2025-01-30 23:39 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Casterlabs 2025-03-04 09:20 - 2025-01-30 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vertical-canvas 2025-03-04 09:20 - 2025-01-30 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aitum-multistream 2025-03-04 09:20 - 2025-01-25 02:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA 2025-03-04 09:20 - 2024-12-18 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2025-03-04 09:20 - 2024-07-10 17:49 - 000000000 ____D C:\WINDOWS\system32\compatrel 2025-03-04 09:20 - 2024-05-28 20:19 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Play Games 2025-03-04 09:20 - 2024-03-21 18:41 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GK630K ONYX Keyboard 2025-03-04 09:20 - 2024-03-21 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GK630K ONYX Keyboard 2025-03-04 09:20 - 2024-02-27 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Play Games 2025-03-04 09:20 - 2024-01-28 03:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iriun Webcam 2025-03-04 09:20 - 2023-10-13 19:36 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zerody 2025-03-04 09:20 - 2023-09-22 22:39 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Effect House 2025-03-04 09:20 - 2023-01-13 21:07 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome 2025-03-04 09:20 - 2023-01-12 07:19 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2025-03-04 09:20 - 2023-01-12 07:19 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2025-03-04 09:20 - 2023-01-09 02:23 - 000000000 ____D C:\WINDOWS\system32\AMD 2025-03-04 09:20 - 2022-12-08 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2025-03-04 09:20 - 2021-12-21 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher 2025-03-04 09:20 - 2021-06-04 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2025-03-04 09:20 - 2021-04-03 07:12 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows 2025-03-04 09:20 - 2021-04-03 07:12 - 000000000 ____D C:\Users\Sa1goN 2025-03-04 09:20 - 2021-03-22 02:23 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd 2025-03-04 09:20 - 2021-01-26 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMouseAutoClicker 2025-03-04 09:20 - 2021-01-14 21:35 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2025-03-04 09:20 - 2021-01-14 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2025-03-04 09:20 - 2021-01-14 18:08 - 000000000 ____D C:\Program Files\UNP 2025-03-04 09:20 - 2021-01-14 09:57 - 000000000 ____D C:\WINDOWS\system32\MRT 2025-03-04 09:20 - 2021-01-13 23:24 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2025-03-04 09:20 - 2021-01-13 22:56 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2025-03-04 09:20 - 2021-01-13 22:39 - 000000000 ____D C:\WINDOWS\system32\A-Volute 2025-03-04 09:20 - 2021-01-13 20:23 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Spelling 2025-03-04 09:20 - 2021-01-13 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2025-03-04 09:20 - 2021-01-13 19:57 - 000000000 __RHD C:\Users\Public\AccountPictures 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-lk 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-in 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\si-lk 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\my-mm 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\am-et 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2025-03-04 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows 2025-03-04 09:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2025-03-04 00:23 - 2021-04-03 07:15 - 000214995 _____ C:\WINDOWS\diagerr.xml 2025-03-04 00:23 - 2021-04-03 07:15 - 000205743 _____ C:\WINDOWS\diagwrn.xml 2025-03-04 00:03 - 2023-09-01 17:20 - 000000000 ____D C:\WINDOWS\Panther 2025-03-03 19:09 - 2024-07-12 20:36 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\Downloaded Installations 2025-03-03 18:45 - 2023-09-16 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vertical Canvas 2025-03-03 18:45 - 2021-04-03 07:14 - 000000000 ____D C:\Users\Sa1goN\AppData\Roaming\Microsoft\Crypto 2025-03-02 17:59 - 2023-10-22 22:17 - 000000000 ____D C:\ProgramData\Nahimic 2025-03-01 23:15 - 2024-03-03 23:31 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\Origin 2025-03-01 22:27 - 2025-01-25 02:29 - 000000223 _____ C:\Users\Sa1goN\Desktop\It Takes Two Friend's Pass.url 2025-02-27 00:33 - 2024-10-11 04:08 - 000234712 _____ (Google) C:\WINDOWS\system32\Drivers\GoogleHaxm.sys 2025-02-23 06:36 - 2021-06-08 16:38 - 000000000 ____D C:\Users\Sa1goN\Desktop\Yellow-Black-best-overlays.eu 2025-02-23 06:36 - 2021-06-07 20:24 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\babl-0.1 2025-02-22 01:34 - 2021-01-13 19:59 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\ElevatedDiagnostics 2025-02-20 01:53 - 2021-01-13 20:13 - 000000000 ____D C:\ProgramData\Packages 2025-02-20 01:53 - 2021-01-13 19:58 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\PlaceholderTileLogoFolder 2025-02-20 01:53 - 2021-01-13 19:57 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\Publishers 2025-02-20 01:53 - 2021-01-13 19:57 - 000000000 ____D C:\Users\Sa1goN\AppData\Local\Packages 2025-02-19 01:24 - 2024-12-18 12:01 - 003108896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2025-02-19 01:24 - 2024-12-18 12:01 - 002398752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2025-02-19 01:24 - 2023-09-30 21:08 - 000271904 _____ C:\WINDOWS\system32\FvSDK_x64.dll 2025-02-19 01:24 - 2023-09-30 21:08 - 000245792 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll 2025-02-19 01:05 - 2024-12-18 12:01 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2025-02-19 01:05 - 2024-12-18 12:00 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2025-02-19 01:05 - 2024-12-18 12:00 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll ==================== Pliki w katalogu głównym wybranych folderów ======== 2025-01-22 14:36 - 2025-01-22 14:36 - 000000068 _____ () C:\Users\Sa1goN\AppData\Roaming\changzhi_leidian.data 2025-01-28 21:18 - 2025-01-28 21:18 - 000000023 _____ () C:\Users\Sa1goN\AppData\Roaming\epm_user.ini 2021-06-07 21:21 - 2025-01-30 23:20 - 000000016 _____ () C:\Users\Sa1goN\AppData\Roaming\obs-virtualcam.txt 2025-02-23 06:35 - 2025-02-23 06:35 - 000003293 _____ () C:\Users\Sa1goN\AppData\Local\recently-used.xbel 2021-03-13 20:56 - 2021-03-13 20:56 - 000007602 _____ () C:\Users\Sa1goN\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================