Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 27-02-2022 Uruchomiony przez 48512 (administrator) DESKTOP-64JNB7A (Acer Nitro N50-620) (06-03-2022 10:59:12) Uruchomiony z C:\Users\48512\Documents Załadowane profile: 48512 Platform: Microsoft Windows 10 Home Wersja 21H2 19044.1526 (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\livelywpf.exe ->) (livelySubProcess) [Brak podpisu cyfrowego] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\plugins\subproc\livelySubProcess.exe (C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\livelywpf.exe ->) (rocksdanister) [Brak podpisu cyfrowego] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\plugins\cef\LivelyCefSharp.exe (C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\plugins\cef\LivelyCefSharp.exe ->) (The CefSharp Authors) [Brak podpisu cyfrowego] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\plugins\cef\CefSharp.BrowserSubprocess.exe <4> (C:\Users\48512\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\48512\AppData\Local\Programs\Opera GX\83.0.4254.70\opera_crashreporter.exe (Discord Inc. -> Discord Inc.) C:\Users\48512\AppData\Local\Discord\app-1.0.9004\Discord.exe <7> (explorer.exe ->) (Charles Milette) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj\TranslucentTB.exe (explorer.exe ->) (livelywpf) [Brak podpisu cyfrowego] C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\livelywpf.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Opera Software AS -> Opera Software) C:\Users\48512\AppData\Local\Programs\Opera GX\opera.exe <24> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7aa6ca9dbb25bff8\jhi_service.exe (services.exe ->) (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.18001.0_x64__8wekyb3d8bbwe\gamingservices.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.18001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_c89fa084d6c97dba\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3326348feda52885\RtkAudUService64.exe <2> (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\48512\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3326348feda52885\RtkAudUService64.exe [1232240 2021-01-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3183328 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.) HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe --silent (Brak pliku) <==== UWAGA HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [167496 2022-01-13] (ESET, spol. s r.o. -> ESET) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-05] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33661920 2022-03-01] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\48512\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Run: [Spotify] => C:\Users\48512\AppData\Roaming\Spotify\Spotify.exe [19268536 2022-03-06] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\48512\AppData\Local\Microsoft\Teams\Update.exe [2489016 2022-02-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Run: [MyNotes] => C:\Users\48512\AppData\Roaming\MyNotes\MyNotes.exe [12377037 2021-12-27] (MyNotes © 2021) [Brak podpisu cyfrowego] HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Run: [Music] => C:\Users\48512\AppData\Roaming\Music\Music.exe [0 2022-01-05] () [Odmowa dostępu] HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Run: [livelywpf] => C:\Users\48512\AppData\Local\Programs\Lively Wallpaper\livelywpf.exe [195072 2021-11-30] (livelywpf) [Brak podpisu cyfrowego] HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Run: [Discord] => C:\Users\48512\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [4968224 2022-02-11] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1800E0BF-367E-4E04-9C82-81580D836D01} - System32\Tasks\NortonLifeLock Trial Agent V2 => C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NLOKTrialAgentV2.exe /scheduled (Brak pliku) Task: {18B5EE9D-C3FA-451C-AEF2-E8BD8503979B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {2487519B-4934-4CAB-8E16-759852A32CBF} - System32\Tasks\Opera GX scheduled Autoupdate 1631536522 => C:\Users\48512\AppData\Local\Programs\Opera GX\launcher.exe [2270416 2022-02-23] (Opera Software AS -> Opera Software) Task: {29F6B4E4-C556-4E81-950B-AFED7125411D} - System32\Tasks\App Explorer => C:\Users\48512\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7823408 2022-01-26] (SweetLabs Inc. -> SweetLabs, Inc) <==== UWAGA Task: {3340C228-4D7B-4B1F-87F4-67D21D808EFC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {3AA7E557-189E-484E-A6C6-2856691A95DC} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [593448 2020-04-16] (Acer Incorporated -> Acer Incorporated) Task: {3FA488B7-B5DE-4343-8E16-E2E61F26A154} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {4028E4A5-9F7C-4366-9837-63443B6E34EE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {4E7BCC37-BD7F-41E7-B497-D6833923B54F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2913843471-1356635206-1565958684-500 => C:\Users\48512\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Brak pliku) Task: {551C79A8-1752-4BD1-AB5C-A6E1B2F831D1} - System32\Tasks\Обновление Браузера Яндекс => C:\Users\48512\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --background-update --noerrdialogs (Brak pliku) Task: {564053A0-8537-4E60-BA69-43D29ECA4115} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated) Task: {655CEA0D-410F-481F-8375-7CFD14254495} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {66D95B66-015E-46AA-86FC-91A370FB3022} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {B00AC4F2-B38A-495F-BE25-D1AA6119C510} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated) Task: {B3AB28D0-8642-491F-A34D-3E492B4C1BF1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation) Task: {CE23AA48-8570-4224-AF40-E43D6A500759} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1633351530 => C:\Users\48512\AppData\Local\Programs\Opera GX\launcher.exe [2270416 2022-02-23] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\48512\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {D0ECC0D5-7CA4-4D9F-A36F-C056D7B67B97} - System32\Tasks\bYxgmeNmPKxnvwIHJl => C:\Users\48512\AppData\Local\Temp\xEOjRzFzELfOqmUYL\tCCPvaqDlavRIBp\rCEWDsA.exe W4 /site_id 525403 /S (Brak pliku) <==== UWAGA Task: {E35E2864-288C-4C26-94AB-6BEAABA7CA81} - System32\Tasks\Opera scheduled Autoupdate 1639589504 => C:\Users\48512\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Brak pliku) Task: {E9F62A93-E680-4CB8-9100-ADE206120358} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-12] (Acer Incorporated -> ) Task: {F2CD8102-3EE5-46E2-A3B8-7F9CE66D36CF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {F7035B32-056D-4E9F-96B1-F92896AC43DA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\bYxgmeNmPKxnvwIHJl.job => C:\Users\48512\AppData\Local\Temp\xEOjRzFzELfOqmUYL\tCCPvaqDlavRIBp\rCEWDsA.exe Task: C:\Windows\Tasks\Обновление Браузера Яндекс.job => C:\Users\48512\AppData\Local\Yandex\YandexBrowser\Application\browser.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{12ab25b3-ce2d-4c77-9dce-0452de747e07}: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{c3f32fad-2c81-484e-8562-06949241dd07}: [DhcpNameServer] 172.20.10.1 Edge: ======= Edge HomeButtonPage: HKU\S-1-5-21-2913843471-1356635206-1565958684-1001 -> hxxps://www.yandex.ru/?win=515&clid=2379713-912 Edge DefaultProfile: Default Edge Profile: C:\Users\48512\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-01] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\48512\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-27] Edge Profile: C:\Users\48512\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-19] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: c5ajv6ao.default FF ProfilePath: C:\Users\48512\AppData\Roaming\Mozilla\Firefox\Profiles\c5ajv6ao.default [2022-01-05] FF Homepage: Mozilla\Firefox\Profiles\c5ajv6ao.default -> hxxps://www.yandex.ru/?win=515&clid=2379713-912 FF SearchPlugin: C:\Users\48512\AppData\Roaming\Mozilla\Firefox\Profiles\c5ajv6ao.default\searchplugins\yandex.ru-20211413.xml [2021-11-13] FF ProfilePath: C:\Users\48512\AppData\Roaming\Mozilla\Firefox\Profiles\xkv3onia.default-release [2022-01-05] FF Homepage: Mozilla\Firefox\Profiles\xkv3onia.default-release -> hxxps://www.yandex.ru/?win=515&clid=2379713-912 FF NewTabOverride: Mozilla\Firefox\Profiles\xkv3onia.default-release -> Enabled: vb@yandex.ru FF Extension: (Amazon Assistant for Firefox) - C:\Users\48512\AppData\Roaming\Mozilla\Firefox\Profiles\xkv3onia.default-release\Extensions\abb-acer@amazon.com.xpi [2021-09-16] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json] FF Extension: (Polski Language Pack) - C:\Users\48512\AppData\Roaming\Mozilla\Firefox\Profiles\xkv3onia.default-release\Extensions\langpack-pl@firefox.mozilla.org.xpi [2021-10-10] FF Extension: (Визуальные закладки) - C:\Users\48512\AppData\Roaming\Mozilla\Firefox\Profiles\xkv3onia.default-release\Extensions\vb@yandex.ru.xpi [2021-12-19] FF SearchPlugin: C:\Users\48512\AppData\Roaming\Mozilla\Firefox\Profiles\xkv3onia.default-release\searchplugins\yandex.ru-20211413.xml [2021-11-13] FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-21] (Oracle America, Inc. -> Oracle Corporation) Chrome: ======= CHR HKU\S-1-5-21-2913843471-1356635206-1565958684-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhkbfkkohcdgpckffakhbllifkakihmh] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] Opera: ======= OPR Profile: C:\Users\48512\AppData\Roaming\Opera Software\Opera Stable [2022-01-22] OPR Extension: (Rich Hints Agent) - C:\Users\48512\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-15] OPR Extension: (Amazon Assistant Promotion) - C:\Users\48512\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-12-15] StartMenuInternet: (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001) Opera GXStable - "C:\Users\48512\AppData\Local\Programs\Opera GX\Launcher.exe" Yandex: ======= YAN Profile: C:\Users\48512\AppData\Local\Yandex\YandexBrowser\User Data\Default [2022-01-05] StartMenuInternet: (HKU\S-1-5-21-2913843471-1356635206-1565958684-1001) Yandex.W56JY7RF36NCXTMQYGOLLHNSGA - "C:\Users\48512\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-09-13] (BattlEye Innovations e.K. -> ) R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [201376 2020-10-18] (DTS, Inc. -> DTS Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-01-19] (EasyAntiCheat Oy -> Epic Games, Inc) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3141480 2022-01-13] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3141480 2022-01-13] (ESET, spol. s r.o. -> ESET) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-07] (Epic Games Inc. -> Epic Games, Inc.) S4 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [862248 2020-04-16] (Acer Incorporated -> Acer Incorporated) S4 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated -> Acer Incorporated) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2559896 2022-02-25] (Rockstar Games, Inc. -> Rockstar Games) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10429808 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-09] (Microsoft Windows Publisher -> Microsoft Corporation) S2 hola_svc; "C:\Program Files\Hola\app\hola_svc.exe" --service [X] <==== UWAGA S2 hola_updater; "C:\Program Files\Hola\app\hola_updater.exe" --service --run-as hola_updater [X] <==== UWAGA R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_c89fa084d6c97dba\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_c89fa084d6c97dba\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [X] <==== UWAGA S2 SecurityServiceMonitor; C:\Program Files (x86)\TotalAV\SecurityService.exe --monitor [X] <==== UWAGA ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [184464 2022-01-13] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [122944 2022-01-13] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15824 2022-01-12] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [201976 2022-01-13] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [43904 2022-01-13] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [69704 2022-01-13] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110560 2022-01-13] (ESET, spol. s r.o. -> ESET) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) S1 rtf64; C:\Windows\system32\DRIVERS\rtf64x64.sys [70560 2018-09-03] (Realtek Semiconductor Corp. -> Realtek) R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8480608 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2022-02-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [438520 2022-02-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-09] (Microsoft Windows -> Microsoft Corporation) R1 webshieldfilter; C:\Windows\System32\drivers\webshieldfilter.sys [96264 2020-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== UWAGA ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Trzy miesiące (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-03-02 14:47 - 2022-03-02 14:47 - 000031438 _____ C:\Users\48512\Downloads\reshade_najciuu.ini 2022-03-01 23:15 - 2022-03-01 23:15 - 000000000 ____D C:\Users\48512\Documents\REAPER Media 2022-03-01 23:11 - 2022-03-01 23:11 - 000000873 _____ C:\Users\Public\Desktop\REAPER (x64).lnk 2022-03-01 23:11 - 2022-03-01 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64) 2022-03-01 23:11 - 2022-03-01 23:11 - 000000000 ____D C:\Program Files\REAPER (x64) 2022-02-27 14:08 - 2022-02-27 14:27 - 000000000 ____D C:\Users\48512\AppData\Roaming\cshSkins 2022-02-27 13:59 - 2022-02-27 13:59 - 000000000 _____ C:\Windows\SysWOW64\wsmand.log.lock 2022-02-27 13:57 - 2022-02-27 13:57 - 000002020 ____H C:\Users\Public\Desktop\Ochrona bankowości internetowej ESET.lnk 2022-02-27 13:49 - 2022-02-27 13:49 - 000000000 ____D C:\Users\48512\AppData\Local\ESET 2022-02-27 13:49 - 2022-02-27 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2022-02-27 13:49 - 2022-02-27 13:49 - 000000000 ____D C:\ProgramData\ESET 2022-02-27 13:49 - 2022-02-27 13:49 - 000000000 ____D C:\Program Files\ESET 2022-02-27 13:46 - 2022-02-27 13:46 - 005504960 ____H (ESET) C:\Users\48512\Desktop\eset_internet_security_live_installer.exe 2022-02-27 00:43 - 2022-02-27 14:03 - 000001054 _____ C:\Users\48512\Desktop\Ukraina vs Rosja.txt 2022-02-26 21:08 - 2022-02-26 22:14 - 000000000 ____D C:\Program Files\EqualizerAPO 2022-02-24 23:01 - 2022-02-24 23:01 - 000000000 ____D C:\Users\48512\AppData\Local\EALaunchHelper 2022-02-24 14:23 - 2022-02-24 14:23 - 000001056 ____H C:\Users\Public\Desktop\OBS Studio.lnk 2022-02-24 14:23 - 2022-02-24 14:23 - 000000000 ____D C:\Program Files\obs-studio 2022-02-22 13:27 - 2022-02-22 13:27 - 000037499 _____ C:\Users\48512\Documents\Shortcut.txt 2022-02-22 13:26 - 2022-03-06 10:59 - 000022924 _____ C:\Users\48512\Documents\FRST.txt 2022-02-22 13:25 - 2022-03-06 10:59 - 000000000 ____D C:\Users\48512\Documents\FRST-OlderVersion 2022-02-22 13:25 - 2022-03-06 10:59 - 000000000 ____D C:\FRST 2022-02-22 13:23 - 2022-03-06 10:59 - 002312192 _____ (Farbar) C:\Users\48512\Documents\FRST64.exe 2022-02-19 16:10 - 2022-02-19 16:10 - 000000000 ____D C:\Users\48512\AppData\Local\LucasArts 2022-02-18 18:17 - 2022-02-18 18:17 - 000000000 ____D C:\ProgramData\obs-studio-hook 2022-02-18 18:16 - 2022-02-18 18:16 - 000000000 ____D C:\ProgramData\SteelSeries 2022-02-18 18:16 - 2022-02-18 18:16 - 000000000 ____D C:\Program Files\SteelSeries 2022-02-17 15:30 - 2022-02-17 15:30 - 000000000 ____D C:\Users\48512\AppData\Roaming\NVIDIA 2022-02-17 15:25 - 2022-02-17 15:25 - 000000000 ____D C:\Windows\system32\lxss 2022-02-17 15:25 - 2022-02-17 15:25 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation 2022-02-17 15:24 - 2022-02-10 19:42 - 001905936 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2022-02-17 15:24 - 2022-02-10 19:42 - 001905936 _____ C:\Windows\system32\vulkaninfo.exe 2022-02-17 15:24 - 2022-02-10 19:42 - 001478416 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-02-17 15:24 - 2022-02-10 19:42 - 001478416 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2022-02-17 15:24 - 2022-02-10 19:42 - 001467840 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2022-02-17 15:24 - 2022-02-10 19:42 - 001432336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2022-02-17 15:24 - 2022-02-10 19:42 - 001432336 _____ C:\Windows\system32\vulkan-1.dll 2022-02-17 15:24 - 2022-02-10 19:42 - 001209280 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2022-02-17 15:24 - 2022-02-10 19:42 - 001145616 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2022-02-17 15:24 - 2022-02-10 19:42 - 001145616 _____ C:\Windows\SysWOW64\vulkan-1.dll 2022-02-17 15:24 - 2022-02-10 19:39 - 001531872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2022-02-17 15:24 - 2022-02-10 19:39 - 001176704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2022-02-17 15:24 - 2022-02-10 19:39 - 000797112 _____ C:\Windows\system32\nvofapi64.dll 2022-02-17 15:24 - 2022-02-10 19:39 - 000717760 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2022-02-17 15:24 - 2022-02-10 19:39 - 000636032 _____ C:\Windows\SysWOW64\nvofapi.dll 2022-02-17 15:24 - 2022-02-10 19:38 - 002120320 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2022-02-17 15:24 - 2022-02-10 19:38 - 001602728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2022-02-17 15:24 - 2022-02-10 19:38 - 000983992 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2022-02-17 15:24 - 2022-02-10 19:38 - 000795584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2022-02-17 15:24 - 2022-02-10 19:38 - 000711608 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2022-02-17 15:24 - 2022-02-10 19:37 - 008612496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2022-02-17 15:24 - 2022-02-10 19:37 - 007714960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2022-02-17 15:24 - 2022-02-10 19:37 - 005727376 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2022-02-17 15:24 - 2022-02-10 19:37 - 005099152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2022-02-17 15:24 - 2022-02-10 19:37 - 002935744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2022-02-17 15:24 - 2022-02-10 19:37 - 000456848 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2022-02-17 15:24 - 2022-02-10 19:35 - 000849024 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2022-02-17 15:24 - 2022-02-10 19:34 - 007613344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2022-02-17 15:24 - 2022-02-10 19:34 - 006461040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2022-02-17 15:24 - 2022-02-10 07:18 - 000127968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2022-02-17 15:24 - 2022-02-10 07:18 - 000089251 _____ C:\Windows\system32\nvinfo.pb 2022-02-17 15:24 - 2022-02-10 07:18 - 000040920 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll 2022-02-11 13:43 - 2022-02-11 13:43 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe 2022-02-11 13:43 - 2022-02-11 13:43 - 000011813 _____ C:\Windows\system32\DrtmAuthTxt.wim 2022-02-11 13:42 - 2022-02-11 13:42 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll 2022-02-11 13:42 - 2022-02-11 13:42 - 000272384 _____ C:\Windows\system32\TpmTool.exe 2022-02-11 13:42 - 2022-02-11 13:42 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2022-02-11 13:39 - 2022-02-11 13:39 - 000000000 ___HD C:\$WinREAgent 2022-02-03 22:29 - 2022-02-03 22:29 - 000000000 ____D C:\Users\48512\AppData\Roaming\Paradox Interactive 2022-02-03 22:29 - 2022-02-03 22:29 - 000000000 ____D C:\Users\48512\AppData\Local\Introversion 2022-02-03 22:28 - 2022-02-03 22:28 - 000000000 ____D C:\Users\48512\AppData\Local\Paradox Interactive 2022-02-01 08:55 - 2022-02-24 14:15 - 000000168 _____ C:\Windows\wininit.ini 2022-01-31 12:47 - 2021-09-13 12:34 - 000001040 _____ C:\Users\48512\Documents\Steam.lnk 2022-01-31 10:35 - 2022-01-31 12:42 - 000002132 ____H C:\Users\48512\Desktop\FiveM.lnk 2022-01-31 10:35 - 2022-01-31 10:35 - 000002140 _____ C:\Users\48512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk 2022-01-29 13:43 - 2022-03-06 10:04 - 000000000 ____D C:\Users\48512\AppData\Local\Discord 2022-01-29 13:43 - 2022-02-17 20:12 - 000002235 ____H C:\Users\48512\Desktop\Discord.lnk 2022-01-29 13:36 - 2022-01-29 13:36 - 000001337 _____ C:\Users\48512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lively Wallpaper.lnk 2022-01-29 13:36 - 2022-01-29 13:36 - 000001329 ____H C:\Users\48512\Desktop\Lively Wallpaper.lnk 2022-01-29 13:36 - 2022-01-29 13:36 - 000000000 ____D C:\Users\48512\AppData\Local\Lively Wallpaper 2022-01-29 13:36 - 2022-01-29 13:36 - 000000000 ____D C:\Program Files (x86)\dotnet 2022-01-27 18:34 - 2022-01-27 18:34 - 000000000 ____D C:\Users\48512\AppData\LocalLow\Landfall 2022-01-26 19:00 - 2022-01-26 19:02 - 000000000 ____D C:\Program Files\ExLoader 2022-01-23 18:44 - 2022-01-23 18:44 - 000000000 ____D C:\Users\48512\AppData\Roaming\KEK 2022-01-21 17:17 - 2022-01-21 17:17 - 000000000 ____D C:\Users\48512\AppData\LocalLow\Oracle 2022-01-20 19:12 - 2022-01-20 19:12 - 000000000 ____D C:\Users\48512\AppData\Local\Kaspersky Lab 2022-01-17 20:28 - 2022-01-17 20:28 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2022-01-17 17:54 - 2022-01-17 17:54 - 000000000 ____D C:\Users\48512\AppData\Roaming\ProjectRencify 2022-01-14 21:40 - 2022-01-29 13:26 - 000000017 _____ C:\Users\48512\AppData\Roaming\.cache3678791056.dat 2022-01-14 21:40 - 2022-01-14 21:40 - 000000000 ____D C:\Users\48512\AppData\Roaming\BuilderGameDesktopApp 2022-01-14 16:26 - 2022-01-14 16:26 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe 2022-01-14 16:26 - 2022-01-14 16:26 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe 2022-01-13 13:48 - 2022-01-13 13:48 - 000201976 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys 2022-01-13 13:48 - 2022-01-13 13:48 - 000184464 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys 2022-01-13 13:48 - 2022-01-13 13:48 - 000122944 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys 2022-01-13 13:48 - 2022-01-13 13:48 - 000110560 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys 2022-01-13 13:48 - 2022-01-13 13:48 - 000069704 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys 2022-01-13 13:48 - 2022-01-13 13:48 - 000043904 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys 2022-01-12 10:35 - 2022-01-12 10:35 - 000015824 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys 2022-01-06 22:20 - 2022-01-06 22:20 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab 2022-01-05 23:50 - 2022-01-06 00:15 - 000000000 ___HD C:\ProgramData\Yiodvl 2022-01-05 21:03 - 2022-01-05 21:03 - 000000110 _____ C:\Windows\gpu_name.txt 2022-01-05 21:03 - 2022-01-05 21:03 - 000000000 ____D C:\Users\48512\AppData\Roaming\Screenshots 2022-01-05 21:03 - 2022-01-05 21:03 - 000000000 ____D C:\Users\48512\AppData\Roaming\NCH Software 2022-01-05 21:03 - 2022-01-05 21:03 - 000000000 ____D C:\Program Files\temp_files 2022-01-05 21:02 - 2022-01-05 21:02 - 000645869 _____ C:\Users\48512\AppData\LocalLow\xnpwF1MWxrN.zip 2022-01-05 21:01 - 2022-02-17 15:54 - 000645592 _____ C:\ProgramData\sqlite3.dll 2022-01-05 21:01 - 2022-01-06 10:31 - 000000000 ____D C:\Users\48512\AppData\Roaming\MyNotes 2022-01-05 21:01 - 2022-01-05 21:25 - 000000000 ____D C:\Windows\SysWOW64\djxhfhfb 2022-01-05 21:01 - 2022-01-05 21:25 - 000000000 ____D C:\Users\48512\AppData\LocalLow\hJ0aK0 2022-01-05 21:01 - 2022-01-05 21:01 - 000000000 ____D C:\Users\48512\AppData\Roaming\holnon 2022-01-05 21:01 - 2022-01-05 21:01 - 000000000 ____D C:\Users\48512\AppData\LocalLow\discord_files 2022-01-05 21:01 - 2022-01-05 21:01 - 000000000 ____D C:\Users\48512\AppData\Local\MyNotes 2022-01-05 21:00 - 2022-01-05 21:01 - 000000000 ____D C:\ProgramData\ITZ80NN207G80QBU0MUI9A4PL 2022-01-05 20:59 - 2022-01-05 21:25 - 000000000 ____D C:\Program Files (x86)\Company 2022-01-05 20:59 - 2022-01-05 21:03 - 000000000 ___HD C:\Users\48512\AppData\Roaming\28291455 2022-01-05 20:59 - 2022-01-05 21:01 - 000000000 ____D C:\Program Files (x86)\lighteningplayer 2022-01-05 20:59 - 2022-01-05 21:00 - 000000526 _____ C:\Windows\Tasks\bYxgmeNmPKxnvwIHJl.job 2022-01-05 20:59 - 2022-01-05 20:59 - 001671168 _____ C:\Users\48512\AppData\LocalLow\K0zQWtaSkb 2022-01-05 20:59 - 2022-01-05 20:59 - 000003070 _____ C:\Windows\system32\Tasks\bYxgmeNmPKxnvwIHJl 2022-01-05 20:59 - 2022-01-05 20:59 - 000000000 ____D C:\Users\48512\AppData\Roaming\ProfCleaner 2022-01-05 20:59 - 2022-01-05 20:59 - 000000000 ____D C:\Users\48512\AppData\Roaming\Green 2022-01-05 20:59 - 2022-01-05 20:59 - 000000000 ____D C:\Users\48512\AppData\Local\AdvinstAnalytics 2022-01-05 20:59 - 2022-01-05 20:59 - 000000000 ____D C:\ProgramData\UEE6QS0Y250K257GA79CRYYL4 2022-01-05 20:59 - 2022-01-05 20:59 - 000000000 _____ C:\Users\48512\AppData\Roaming\F.tmp 2022-01-05 20:58 - 2022-01-05 20:59 - 000000000 ____D C:\ProgramData\8OCG99T0M08Q6GY7P01VM9F4K 2022-01-05 20:58 - 2022-01-05 20:59 - 000000000 ____D C:\ProgramData\60JZFOHZOFMZHW0PXW2L5HC0S 2022-01-05 20:58 - 2022-01-05 20:58 - 000000266 __RSH C:\ProgramData\ntuser.pol 2022-01-05 20:58 - 2022-01-05 20:58 - 000000000 _____ C:\Users\48512\AppData\Roaming\E830.tmp 2022-01-05 20:58 - 2022-01-05 20:58 - 000000000 _____ C:\Users\48512\AppData\Roaming\DF75.tmp 2022-01-05 17:54 - 2022-01-05 17:54 - 000000000 ____D C:\Users\48512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2022-01-04 11:28 - 2022-01-05 21:03 - 000000255 _____ C:\Windows\parameters.ini 2022-01-03 15:26 - 2022-01-03 15:26 - 000000000 ____D C:\Users\48512\AppData\LocalLow\Adobe 2022-01-03 15:16 - 2022-01-03 15:16 - 000000000 ____D C:\Users\48512\Documents\Adobe 2022-01-03 15:15 - 2022-02-26 22:59 - 000000000 ____D C:\ProgramData\Adobe 2022-01-03 15:15 - 2022-02-26 22:59 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-01-03 15:15 - 2022-01-03 15:16 - 000000000 ____D C:\Users\48512\AppData\Local\Adobe 2021-12-30 10:07 - 2021-12-30 10:07 - 000000000 ____D C:\Program Files\EA Games 2021-12-29 19:55 - 2021-12-29 19:55 - 000000091 _____ C:\Users\48512\Documents\alezejak czit.txt 2021-12-29 17:11 - 2021-12-29 17:12 - 000000000 ____D C:\Users\48512\AppData\LocalLow\Boneloaf 2021-12-29 16:17 - 2022-02-08 16:31 - 000001451 ____H C:\Users\Public\Desktop\GeForce Experience.lnk 2021-12-29 15:49 - 2021-12-31 20:29 - 000000000 ____D C:\Users\48512\Documents\My Games 2021-12-29 15:49 - 2021-12-29 15:49 - 000000000 ____D C:\Users\48512\AppData\Local\Haze1 2021-12-29 15:49 - 2021-12-29 15:49 - 000000000 ____D C:\ProgramData\Electronic Arts 2021-12-27 15:37 - 2021-12-27 15:37 - 000000000 ____D C:\Users\48512\AppData\LocalLow\SKS 2021-12-24 17:49 - 2022-01-31 10:35 - 000002132 _____ C:\Users\48512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM - Cfx.re Development Kit (FxDK).lnk 2021-12-24 17:41 - 2021-12-24 17:41 - 000000000 ____D C:\Users\48512\Documents\nvidia 2021-12-22 13:01 - 2021-12-22 13:02 - 000000000 ____D C:\Users\48512\AppData\Roaming\Legendware 2021-12-20 21:25 - 2021-12-20 21:26 - 000000000 ____D C:\Program Files (x86)\DSL Host 2021-12-19 12:36 - 2021-12-19 12:36 - 000000000 ____D C:\Users\48512\Documents\.qo0 2021-12-18 15:51 - 2021-12-18 15:51 - 000000000 ____D C:\Windows\SystemTemp 2021-12-15 21:21 - 2022-02-03 11:45 - 000002372 _____ C:\Users\48512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2021-12-15 21:21 - 2021-12-15 21:21 - 000000000 ____D C:\Users\48512\AppData\Roaming\Teams 2021-12-15 18:31 - 2022-01-26 19:02 - 000000000 ____D C:\Users\48512\AppData\Roaming\com.swiftsoft 2021-12-15 18:31 - 2021-12-15 18:31 - 000004252 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1639589504 2021-12-15 18:29 - 2022-01-26 19:02 - 000000000 ____D C:\ProgramData\ExLoader 2021-12-13 16:03 - 2022-01-28 11:16 - 000000000 ____D C:\Users\48512\AppData\Roaming\WeMod 2021-12-13 16:03 - 2022-01-15 14:52 - 000000000 ____D C:\Users\48512\AppData\Local\WeMod 2021-12-12 15:15 - 2021-12-12 15:15 - 000000000 ____D C:\Users\48512\AppData\LocalLow\BoundingBoxSoftware 2021-12-11 20:45 - 2022-02-24 14:15 - 000000000 ____D C:\Users\48512\Documents\EA Games 2021-12-11 13:42 - 2021-12-11 13:42 - 000000000 ____D C:\Users\48512\AppData\LocalLow\SUPERHOT_Team 2021-12-11 12:01 - 2021-12-11 12:01 - 000000000 ____D C:\Users\48512\AppData\LocalLow\Monomi Park 2021-12-11 11:42 - 2022-02-24 23:04 - 000000000 ____D C:\Program Files\Electronic Arts 2021-12-11 11:42 - 2021-12-11 11:46 - 000000000 ____D C:\Users\48512\AppData\Local\Origin 2021-12-11 11:42 - 2021-12-11 11:42 - 000000000 ____D C:\Users\48512\AppData\Local\INetHistory 2021-12-11 11:42 - 2021-12-11 11:42 - 000000000 ____D C:\Users\48512\AppData\Local\EAConnect_microsoft 2021-12-11 11:42 - 2021-12-11 11:42 - 000000000 ____D C:\Users\48512\AppData\Local\cache 2021-12-10 23:21 - 2021-12-11 10:50 - 000000000 ____D C:\Program Files (x86)\Origin 2021-12-10 23:20 - 2021-12-11 20:45 - 000000000 ____D C:\ProgramData\Origin 2021-12-10 23:20 - 2021-12-10 23:20 - 000000000 ____D C:\Users\48512\.QtWebEngineProcess 2021-12-10 23:20 - 2021-12-10 23:20 - 000000000 ____D C:\Users\48512\.Origin ==================== Trzy miesiące (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-03-06 10:57 - 2021-09-13 12:54 - 000000000 ____D C:\Users\48512\AppData\Roaming\discord 2022-03-06 10:48 - 2021-09-13 12:34 - 000000000 ____D C:\Program Files (x86)\Steam 2022-03-06 10:42 - 2021-09-13 13:39 - 000000000 ____D C:\Users\48512\AppData\Roaming\Spotify 2022-03-06 10:32 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-03-06 10:27 - 2021-09-13 12:28 - 000000000 ____D C:\Users\48512\AppData\Local\D3DSCache 2022-03-06 10:25 - 2021-11-20 12:06 - 000000000 ____D C:\Users\48512\AppData\Local\Spotify 2022-03-06 10:11 - 2021-05-28 13:11 - 001767980 _____ C:\Windows\system32\PerfStringBackup.INI 2022-03-06 10:11 - 2020-11-19 10:45 - 000784334 _____ C:\Windows\system32\perfh015.dat 2022-03-06 10:11 - 2020-11-19 10:45 - 000152230 _____ C:\Windows\system32\perfc015.dat 2022-03-06 10:11 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2022-03-06 10:07 - 2021-09-25 18:46 - 000000001 _____ C:\Windows\vgkbootstatus.dat 2022-03-06 10:07 - 2021-09-13 12:24 - 000000000 ____D C:\Users\48512\AppData\Local\Host App Service 2022-03-06 10:04 - 2021-05-28 13:09 - 000000000 ____D C:\ProgramData\NVIDIA 2022-03-06 10:04 - 2021-05-28 13:02 - 000008192 ___SH C:\DumpStack.log.tmp 2022-03-06 10:04 - 2021-05-28 13:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-03-06 00:25 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI 2022-03-05 23:27 - 2021-05-28 13:02 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-03-05 13:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-03-05 13:00 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2022-03-05 11:22 - 2021-05-28 13:03 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-03-03 14:12 - 2021-09-25 17:54 - 000000000 ____D C:\Users\48512\AppData\Roaming\obs-studio 2022-03-02 16:04 - 2021-09-13 13:52 - 000000000 ____D C:\Users\48512\AppData\Local\CrashDumps 2022-03-02 14:29 - 2021-09-13 13:35 - 000004260 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1631536522 2022-03-02 14:29 - 2021-09-13 13:35 - 000001442 _____ C:\Users\48512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera GX.lnk 2022-03-01 23:13 - 2021-11-19 15:22 - 000000000 ____D C:\Users\48512\AppData\Roaming\REAPER 2022-02-28 18:07 - 2021-09-13 12:28 - 000000000 ____D C:\Users\48512\AppData\Local\Packages 2022-02-28 17:58 - 2021-09-13 12:30 - 000000000 ____D C:\Users\48512\AppData\Local\PlaceholderTileLogoFolder 2022-02-27 13:49 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2022-02-26 23:18 - 2021-09-13 13:07 - 000000000 ____D C:\Users\48512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2022-02-26 23:03 - 2021-09-19 09:03 - 000000000 ____D C:\Program Files\QuickCPU 2022-02-26 22:59 - 2021-09-13 12:28 - 000000000 ____D C:\Users\48512\AppData\Roaming\Adobe 2022-02-26 22:53 - 2021-09-13 12:55 - 000000000 ____D C:\Program Files\Common Files\AV 2022-02-26 22:53 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM 2022-02-26 22:48 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2022-02-26 22:38 - 2021-10-05 16:29 - 000000000 ____D C:\Users\48512\AppData\Local\Roblox 2022-02-26 22:14 - 2021-09-13 12:24 - 000000000 ____D C:\Users\48512 2022-02-26 18:40 - 2021-09-13 15:10 - 000000000 ____D C:\Program Files\Epic Games 2022-02-26 13:52 - 2021-09-19 09:57 - 000000000 ____D C:\Users\48512\Documents\xd 2022-02-26 13:39 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports 2022-02-25 20:56 - 2021-11-23 20:45 - 000119232 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll 2022-02-25 20:56 - 2021-09-13 12:46 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll 2022-02-25 20:56 - 2021-09-13 12:45 - 002236864 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll 2022-02-25 20:56 - 2021-09-13 12:45 - 000337360 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll 2022-02-25 20:56 - 2021-09-13 12:45 - 000218576 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll 2022-02-25 20:56 - 2021-09-13 12:45 - 000198120 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll 2022-02-25 20:56 - 2021-09-13 12:45 - 000062928 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe 2022-02-24 23:04 - 2021-05-28 13:07 - 000000000 ____D C:\ProgramData\Package Cache 2022-02-24 14:23 - 2021-09-25 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2022-02-24 14:16 - 2021-09-13 16:04 - 000000000 ____D C:\Users\48512\Documents\Gaming 2022-02-24 14:15 - 2021-09-16 13:24 - 000000000 ____D C:\ProgramData\MTA San Andreas All 2022-02-21 13:55 - 2021-09-15 19:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-02-18 17:42 - 2021-09-27 17:37 - 000000000 ____D C:\Users\48512\AppData\Local\FiveM 2022-02-17 15:54 - 2021-11-07 14:48 - 000004800 _____ C:\ProgramData\rsEngine.config.backup 2022-02-17 15:54 - 2021-10-25 13:31 - 000001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-02-17 15:54 - 2021-09-25 18:01 - 000000000 ____D C:\ProgramData\Riot Games 2022-02-17 15:54 - 2021-09-13 14:57 - 000001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2022-02-17 15:54 - 2020-08-18 15:21 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk 2022-02-17 15:49 - 2021-09-13 12:33 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\ExpressVPN.lnk 2022-02-17 15:49 - 2021-05-28 13:38 - 000000271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Planet9 Link.url 2022-02-17 15:30 - 2016-06-03 05:18 - 000008389 _____ C:\Windows\system32\$Acer$.cmd 2022-02-17 15:26 - 2021-09-13 13:55 - 000000000 ____D C:\Users\48512\AppData\Local\NVIDIA 2022-02-17 15:25 - 2021-05-28 13:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2022-02-16 15:26 - 2021-11-05 17:21 - 000000000 ____D C:\Users\48512\AppData\Roaming\Process Hacker 2 2022-02-11 15:28 - 2021-05-28 13:02 - 000439400 _____ C:\Windows\system32\FNTCACHE.DAT 2022-02-11 15:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-02-11 15:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2022-02-11 15:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE 2022-02-11 15:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX 2022-02-11 15:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism 2022-02-11 15:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser 2022-02-11 15:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences 2022-02-11 15:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2022-02-11 15:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2022-02-11 15:27 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing 2022-02-11 13:42 - 2021-05-28 13:04 - 002877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2022-02-09 09:09 - 2021-09-17 16:08 - 000000000 ____D C:\Windows\system32\MRT 2022-02-09 09:08 - 2021-09-17 16:08 - 149611728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-02-09 08:05 - 2021-05-28 13:02 - 000000000 ____D C:\Windows\system32\Drivers\wd 2022-02-08 16:31 - 2021-05-28 13:09 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-02-08 16:31 - 2021-05-28 13:09 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-02-08 16:31 - 2021-05-28 13:09 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-02-08 16:31 - 2021-05-28 13:09 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-02-08 16:31 - 2021-05-28 13:09 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-02-08 16:31 - 2021-05-28 13:09 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-02-08 16:31 - 2021-05-28 13:09 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-02-08 16:31 - 2021-05-28 13:09 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2022-02-08 16:31 - 2021-05-28 13:09 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2022-02-08 16:30 - 2021-05-28 13:09 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-02-08 16:30 - 2021-05-28 13:09 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-02-07 18:59 - 2021-09-17 16:02 - 000000000 ____D C:\Users\48512\AppData\Roaming\Leppsoft ==================== Pliki w katalogu głównym wybranych folderów ======== 2022-01-05 21:01 - 2022-02-17 15:54 - 000645592 _____ () C:\ProgramData\sqlite3.dll 2022-01-14 21:40 - 2022-01-29 13:26 - 000000017 _____ () C:\Users\48512\AppData\Roaming\.cache3678791056.dat 2021-09-13 13:47 - 2021-09-13 13:47 - 000000047 _____ () C:\Users\48512\AppData\Roaming\.crystalinst 2022-01-05 20:58 - 2022-01-05 20:58 - 000000000 _____ () C:\Users\48512\AppData\Roaming\DF75.tmp 2022-01-05 20:58 - 2022-01-05 20:58 - 000000000 _____ () C:\Users\48512\AppData\Roaming\E830.tmp 2022-01-05 20:59 - 2022-01-05 20:59 - 000000000 _____ () C:\Users\48512\AppData\Roaming\F.tmp 2021-10-09 14:36 - 2021-11-07 14:40 - 000000173 _____ () C:\Users\48512\AppData\Roaming\jjv5conf.json ==================== FLock ============================== 2022-01-05 21:25 C:\Windows\SysWOW64\djxhfhfb ==================== SigCheckExt ========================= 2021-09-13 12:46 - 2022-02-25 20:56 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll 2022-02-22 13:23 - 2022-03-06 10:59 - 002312192 _____ (Farbar) C:\Users\48512\Documents\FRST64.exe 2022-01-05 21:01 - 2022-02-17 15:54 - 000645592 _____ C:\ProgramData\sqlite3.dll ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== BCD ================================ Firmware Boot Manager --------------------- identifier {fwbootmgr} displayorder {bootmgr} timeout 0 Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale pl-PL inherit {globalsettings} default {current} resumeobject {5c9d5f60-c000-11eb-b0ca-98eecbde5fe0} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Windows Boot Loader ------------------- identifier {current} device partition=C: path \Windows\system32\winload.efi description Windows 10 locale pl-PL inherit {bootloadersettings} recoverysequence {5c9d5f62-c000-11eb-b0ca-98eecbde5fe0} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {5c9d5f60-c000-11eb-b0ca-98eecbde5fe0} nx OptIn numproc 12 bootmenupolicy Standard usefirmwarepcisettings No Windows Boot Loader ------------------- identifier {5c9d5f62-c000-11eb-b0ca-98eecbde5fe0} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{5c9d5f63-c000-11eb-b0ca-98eecbde5fe0} path \windows\system32\winload.efi description Windows Recovery Environment locale en-us inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{5c9d5f63-c000-11eb-b0ca-98eecbde5fe0} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {5c9d5f60-c000-11eb-b0ca-98eecbde5fe0} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale pl-PL inherit {resumeloadersettings} recoverysequence {5c9d5f62-c000-11eb-b0ca-98eecbde5fe0} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Windows Memory Diagnostic locale pl-PL inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Local RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {5c9d5f63-c000-11eb-b0ca-98eecbde5fe0} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi Setup Ramdisk Options --------------------- identifier {ramdiskoptions} description Acer Recovery Management ramdisksdidevice partition=C: ramdisksdipath \TempHidden\SCD\boot\boot.sdi ==================== Koniec FRST.txt ========================