Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 30-08-2022
Uruchomiony przez XD (administrator) DESKTOP-JS216GC (17-09-2022 13:14:02)
Uruchomiony z D:\Downloads
Załadowane profile: XD & SQLTELEMETRY$SQLEXPRESS01 & ReportServer$SQLEXPRESS & MSSQL$SQLEXPRESS01 & MSSQLFDLauncher$SQLEXPRESS
Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.2006 (X64) Język: Angielski (Stany Zjednoczone) -> Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesPrismSync.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCopyAccelerator.exe
(D:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Discord Inc. -> Discord Inc.) C:\Users\XD\AppData\Local\Discord\app-1.0.9006\Discord.exe <6>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <45>
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\XD\AppData\Roaming\Spotify\Spotify.exe <6>
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\steam.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) D:\Origin\OriginWebHelperService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) INTELND1617S2 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS01\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS01\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-07-25] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [771528 2018-07-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [12836224 2022-08-26] (SteelSeries ApS -> SteelSeries ApS)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-05-31] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1820568 2020-10-19] (LG Electronics Inc. -> LG Electronics Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [109324536 2021-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== UWAGA
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== UWAGA
HKU\S-1-5-21-285615756-1620502320-1578345167-1001\...\Run: [Steam] => D:\Steam\steam.exe [4234600 2022-08-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-285615756-1620502320-1578345167-1001\...\Run: [DAEMON Tools Lite Automount] => D:\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-285615756-1620502320-1578345167-1001\...\Run: [Spotify] => C:\Users\XD\AppData\Roaming\Spotify\Spotify.exe [19959672 2022-09-16] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-285615756-1620502320-1578345167-1001\...\Run: [Discord] => C:\Users\XD\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-285615756-1620502320-1578345167-1001\...\Run: [Gaijin.Net Updater] => C:\Users\XD\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-285615756-1620502320-1578345167-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\XD\AppData\Local\Microsoft\Teams\Update.exe [2455256 2021-10-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-285615756-1620502320-1578345167-1001\...\Run: [EpicGamesLauncher] => D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32706000 2022-08-15] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-285615756-1620502320-1578345167-1001\...\Policies\Explorer: []
HKU\S-1-5-21-285615756-1620502320-1578345167-1001\...\MountPoints2: {3297a512-c3a3-11e7-a8b4-7085c25932e9} - "F:\setup.exe"
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-15] (Google LLC -> Google LLC)
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0011581B-C3B9-498D-BEFB-E6B26A40A8FC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709120 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {022BD160-5A1A-421D-AE68-CEA58D86044E} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-80-684135558-66954648-645343295-865517114-2956913369 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2021-09-19] (Microsoft Corporation -> Microsoft)
Task: {084AFC87-EEE4-4013-B415-DE99509EFC5E} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2021-09-19] (Microsoft Corporation -> Microsoft)
Task: {12119016-C0E2-40D4-865C-9420C4022C12} - System32\Tasks\AsrAPPShop => C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe [6179080 2017-04-25] (ASROCK Incorporation -> )
Task: {162B5A48-D6D0-4371-8F40-39C0A5ED6090} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1BA77388-B0FA-4FAC-8303-D9C57FE9A599} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-30] (Google Inc -> Google Inc.)
Task: {24F1768D-703E-4CF0-80D6-CE280D95B320} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3285B44F-D923-4153-AB5A-349F76F718C7} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-285615756-1620502320-1578345167-1001 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2021-09-19] (Microsoft Corporation -> Microsoft)
Task: {3C0B2256-A25D-4D9B-9AAD-58E72D74EE14} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3E082800-48DE-4462-9A04-D5332632A305} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6602752 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {42541C8B-E490-4BC8-BDA5-68843F5866EB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4E5643B6-7A20-45D5-B8FE-9AE108C871E1} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-80-3404462892-1987791245-2451609587-3755554482-3689831200 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2021-09-19] (Microsoft Corporation -> Microsoft)
Task: {5D6BE7A7-5B87-4221-B49F-B52DBE4F65B9} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 15.0.437 => C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\Common7\IDE\VSIXAutoUpdate.exe (Brak pliku)
Task: {625C58CF-B6AB-4858-9850-661894ECE594} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {6628E183-7219-471E-B338-69AFA3BC0A0D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6765999F-2188-441F-8AC0-4FDAEEB361A6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {6998CBFF-4305-487C-A94B-12233E4EE057} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-JS216GC-XD => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6A4966DB-3865-4DAC-9C1C-B79096A28D1D} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate
Task: {78E43EC0-549B-400E-99AA-7ED1EE61A1F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8225003E-AE49-471F-ADD7-3551061B408E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8B0F1E24-D1BA-48CA-9B20-EF9CF6D9D3FD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8C5E3116-724F-465E-8F0B-48F1AA49CE6E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {97B643E1-8C81-466F-BA4C-E3179C0FBCC8} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-JS216GC-XD => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {AD2FFDEC-9FCD-4E4E-9479-AB80E61F90BD} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {B035CD68-B799-4BA5-9826-0BFDC879D3AB} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2021-09-19] (Microsoft Corporation -> Microsoft)
Task: {B9FA4EF2-F1CB-4294-A3B7-6CD18AAD0829} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C7C2D3A6-72C6-4A6E-B135-BF6D71A9D38D} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
Task: {CE214BEE-BEF0-43B4-8FB2-656062E2EC00} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D3E9A1E9-2575-4981-AFC6-785550142902} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe [211328 2021-09-19] (Microsoft Corporation -> )
Task: {E1276F73-8E52-472F-83DC-9E506A189382} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-30] (Google Inc -> Google Inc.)
Task: {E35D6618-E802-4F74-A205-0CB55121FC09} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6602752 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7B5CFE9-458F-4ADF-8A45-A24E2DC199B4} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3C37EC7-756C-431D-A921-A33091A10A8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8C8E177-BCC0-4472-89D4-CB83146CBB3D} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2021-09-19] (Microsoft Corporation -> Microsoft)
Task: {F8E0327E-24C2-4884-BB95-88E643801FC5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709120 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8ECBF98-D29F-41E3-BE71-F85D24BBCABE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FF15C8E8-5EB6-49A4-A34B-F352B9F88BC4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{10cc9ecb-bb43-4b36-aba0-85041eff9bd0}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f02ce4da-ba98-4813-a455-62faccb39579}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge DefaultProfile: Default
Edge Profile: C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-16]
Edge DownloadDir: Default -> D:\Downloads
Edge Extension: (Magic Actions for YouTube™) - C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2021-09-17]
Edge Extension: («You Clever» — videocombine for Youtube™) - C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\agdpdlplhmfgonalmdooaojempaoncmp [2020-07-15]
Edge Extension: (Obudź ukrytą Moc) - C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\boeojddkbfhdgnnicgkgogjnbkdljibb [2020-07-15]
Edge Extension: (minerBlock) - C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emikbbbebcdfohonlaifafnoanocnebl [2021-09-17]
Edge Extension: (Eliminator Slajdów) - C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eplekpmdodlgejgogbojajncdlapamff [2020-07-15]
Edge Extension: (Video Downloader PLUS) - C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2020-07-15]
Edge Extension: (React Developer Tools) - C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2022-09-16]
Edge Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2021-09-17]
Edge Extension: (That's Pretty Gay (iDubbbzTV)) - C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hdogcbcfgbefkhbhncmdkkladknhbdmo [2020-07-15]
Edge Extension: (Rozszerzenie Cisco Webex) - C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-09-16]
Edge Extension: (uBlock Origin) - C:\Users\XD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-09-16]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-05-31] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-05-31] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default [2022-09-17]
CHR DownloadDir: D:\Downloads
CHR Notifications: Default -> hxxps://az-partners.hcmdeck.com; hxxps://calendar.google.com; hxxps://discordapp.com; hxxps://kfc.pl; hxxps://teams.microsoft.com; hxxps://tinder.com; hxxps://www.instagram.com; hxxps://www.otomoto.pl; hxxps://www.pyszne.pl
CHR Extension: (Web Page to PDF Converter) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbfoccanbdeldjaelafmbgonagegdndg [2022-01-12]
CHR Extension: (uBlock Origin) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-09-12]
CHR Extension: (Tampermonkey) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-05-11]
CHR Extension: (minerBlock) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\emikbbbebcdfohonlaifafnoanocnebl [2021-02-01]
CHR Extension: (Eliminator Slajdów) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\eplekpmdodlgejgogbojajncdlapamff [2017-10-30]
CHR Extension: (Return YouTube Dislike) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-08-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-25]
CHR Extension: (That's Pretty Gay (iDubbbzTV)) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdogcbcfgbefkhbhncmdkkladknhbdmo [2019-08-09]
CHR Extension: (Kopiowanie i wklejanie w aplikacjach Office Online) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2022-02-11]
CHR Extension: (Disable JavaScript) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdlihdedhlmhlbgooailmfhahieoem [2021-08-21]
CHR Extension: (Rozszerzenie Cisco Webex) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-07-22]
CHR Extension: (MetaMask) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-09-15]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\XD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-05-31] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6893704 2018-06-23] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12131256 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-06-26] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-02-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; D:\GOG Galaxy\GalaxyClientService.exe [1874272 2021-09-09] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-09-09] (GOG Sp. z o.o. -> GOG.com)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$SQLEXPRESS01; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS01\MSSQL\Binn\sqlservr.exe [624544 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-12-01] (Even Balance, Inc. -> )
R2 ReportServer$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSRS12.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2450112 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS01; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS01\MSSQL\Binn\SQLAGENT.EXE [690088 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS01; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS01\MSSQL\Binn\sqlceip.exe [284600 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35200 2022-08-26] (SteelSeries ApS -> )
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2017-10-30] (ASROCK Incorporation -> ASRock Incorporation)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin2\brynhildr.sys [2188544 2022-07-02] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-11-07] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-11-07] (Disc Soft Ltd -> Disc Soft Ltd)
R3 FocusriteUSB; C:\WINDOWS\System32\drivers\FocusriteUSB.sys [96400 2018-01-09] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBAudio; C:\WINDOWS\system32\drivers\FocusriteUSBAudio.sys [54416 2018-01-09] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [97936 2018-01-09] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 MpKsl3b468f6a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0995725-B3F9-4CFF-83DD-4ABE0950E913}\MpKslDrv.sys [228600 2022-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2020-04-29] (SoftEther Corporation -> SoftEther Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S4 RsFx0300; C:\WINDOWS\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S4 RsFx0600; C:\WINDOWS\System32\DRIVERS\RsFx0600.sys [286976 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
S3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2019-11-20] (Famatech Corp. -> Famatech Corp.)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2020-04-29] (SoftEther Corporation -> SoftEther Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [315392 2022-08-09] (Microsoft Windows -> Microsoft Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS)
R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [43960 2022-08-18] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_ab95c13003d9c50f\SteelSeries-Sonar-VAD.sys [92912 2022-07-18] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-09-17 13:13 - 2022-09-17 13:14 - 000000000 ____D C:\FRST
2022-09-16 21:06 - 2022-09-16 21:06 - 000000000 ____D C:\Users\XD\AppData\Roaming\Goodram
2022-09-16 20:11 - 2022-09-16 20:11 - 000000202 _____ C:\Users\XD\Desktop\Assetto Corsa.url
2022-09-14 21:03 - 2022-09-14 21:03 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-14 21:03 - 2022-09-14 21:03 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-14 21:03 - 2022-09-14 21:03 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-14 21:03 - 2022-09-14 21:03 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-09-14 21:03 - 2022-09-14 21:03 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-14 20:59 - 2022-09-14 20:59 - 000000000 ___HD C:\$WinREAgent

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-09-17 13:15 - 2019-05-16 22:41 - 000000000 ____D C:\Users\XD\AppData\Roaming\Discord
2022-09-17 13:04 - 2017-10-30 17:24 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-17 12:38 - 2019-05-16 22:41 - 000000000 ____D C:\Users\XD\AppData\Local\Discord
2022-09-17 12:25 - 2017-11-01 14:27 - 000000000 ____D C:\ProgramData\NVIDIA
2022-09-17 11:38 - 2018-05-17 13:24 - 000000000 ____D C:\Users\XD\AppData\Roaming\Spotify
2022-09-17 09:36 - 2018-05-17 13:25 - 000000000 ____D C:\Users\XD\AppData\Local\Spotify
2022-09-17 09:34 - 2021-04-18 23:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-17 08:59 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-17 08:54 - 2021-04-19 00:05 - 002284050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-17 08:54 - 2021-04-18 15:45 - 000946588 _____ C:\WINDOWS\system32\perfh015.dat
2022-09-17 08:54 - 2021-04-18 15:45 - 000223782 _____ C:\WINDOWS\system32\perfc015.dat
2022-09-17 08:54 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-17 08:49 - 2021-04-19 00:01 - 000003136 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2022-09-16 22:44 - 2021-04-19 00:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-16 22:44 - 2021-04-18 23:52 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-16 22:39 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-09-16 22:37 - 2017-10-30 16:33 - 000000000 ____D C:\ProgramData\Package Cache
2022-09-16 22:36 - 2017-10-30 16:33 - 000000000 ____D C:\Program Files\Intel
2022-09-16 22:11 - 2018-11-18 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2022-09-16 22:11 - 2018-11-18 15:07 - 000000000 ____D C:\Program Files (x86)\IK Multimedia
2022-09-16 22:11 - 2018-11-18 15:06 - 000000000 ____D C:\Users\XD\Documents\IK Multimedia
2022-09-16 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-16 21:49 - 2017-11-01 20:55 - 000000000 ____D C:\Users\XD\AppData\Local\Packages
2022-09-16 21:49 - 2017-10-30 18:35 - 000000000 ____D C:\ProgramData\Skype
2022-09-16 21:48 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-16 19:18 - 2017-11-06 21:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-09-15 23:05 - 2017-10-30 17:25 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-14 22:21 - 2021-04-18 23:52 - 000459104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-14 22:15 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-09-14 22:15 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-14 22:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-14 22:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-14 22:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-14 22:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-14 22:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-14 22:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-14 22:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-14 22:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-14 22:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-14 21:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-14 21:03 - 2021-04-18 23:55 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-14 20:49 - 2021-01-13 17:44 - 000000000 ____D C:\Users\Default\.dotnet
2022-09-14 20:49 - 2017-11-03 16:36 - 000000000 ____D C:\Program Files\dotnet
2022-09-14 20:25 - 2017-10-30 19:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-14 20:22 - 2017-10-30 19:27 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-11 17:53 - 2019-10-15 15:05 - 000000000 ____D C:\ProgramData\SteelSeries
2022-09-11 12:34 - 2020-07-15 07:55 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-11 12:34 - 2020-07-15 07:55 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-11 12:31 - 2018-07-14 10:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-08-30 14:59 - 2021-04-19 00:01 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-30 14:59 - 2021-04-19 00:01 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-28 16:12 - 2017-10-30 18:46 - 000000000 ____D C:\ProgramData\Riot Games
2022-08-26 23:50 - 2017-11-15 19:21 - 000000000 ____D C:\Users\XD\AppData\Roaming\vlc
2022-08-26 22:47 - 2020-03-30 10:27 - 000000000 ____D C:\Users\XD\AppData\Roaming\tixati
2022-08-23 08:54 - 2021-04-19 00:01 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-23 08:54 - 2021-04-19 00:01 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-21 20:55 - 2017-11-03 17:17 - 000000000 ____D C:\Users\XD\AppData\Local\.IdentityService
2022-08-18 17:38 - 2019-05-24 22:53 - 000043960 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys

==================== Pliki w katalogu głównym wybranych folderów ========

2018-11-18 15:07 - 2018-11-18 16:03 - 000000016 _____ () C:\Users\XD\AppData\Roaming\msregsvv.dll
2018-09-29 14:55 - 2018-09-29 14:55 - 000000000 _____ () C:\Users\XD\AppData\Local\oobelibMkey.log
2017-10-30 20:03 - 2017-10-30 20:03 - 000000017 _____ () C:\Users\XD\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================