Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 25.03.2024 Uruchomiony przez Admin (administrator) DESKTOP-S6F8HHS (Micro-Star International Co., Ltd. MS-7B47) (27-03-2024 21:21:40) Uruchomiony z F:\Pulpit\FRST64.exe Załadowane profile: Sky & Admin Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.4170 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe (C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe (explorer.exe ->) (Mullvad VPN) [Brak podpisu cyfrowego] C:\Program Files\Mullvad VPN\Mullvad VPN.exe <4> (explorer.exe ->) (Nota, Inc. -> Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (explorer.exe ->) (RME GmbH -> RME) C:\Windows\System32\madifaceusb.exe (explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10> (Mozilla Corporation -> Mozilla Corporation) C:\Users\Sky\AppData\Local\Mozilla Firefox\firefox.exe <16> (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe (services.exe ->) (Mullvad VPN AB -> Mullvad VPN AB) C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [15415120 2024-03-15] (SteelSeries ApS -> SteelSeries ApS) HKLM\...\Run: [MadifaceeUsbTray1] => C:\Windows\system32\madifaceusb.exe [488896 2024-01-22] (RME GmbH -> RME) HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA HKU\S-1-5-21-305602353-1245497719-3960861739-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-305602353-1245497719-3960861739-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe (Brak pliku) HKU\S-1-5-21-305602353-1245497719-3960861739-1001\...\Run: [KeePass Password Safe 2] => F:\Pulpit\KeePass-2.44\KeePass.exe [3302288 2024-02-04] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKU\S-1-5-21-305602353-1245497719-3960861739-1001\...\Run: [SteamServerBrowser] => "C:\Users\Sky\AppData\Roaming\SteamServerBrowser\SteamServerBrowser.exe" (Brak pliku) HKU\S-1-5-21-305602353-1245497719-3960861739-1001\...\Run: [ProductAuthenticationService] => "C:\Users\Sky\AppData\Roaming\ProductAuthenticationService\pas.exe" /nogui (Brak pliku) <==== UWAGA HKU\S-1-5-21-305602353-1245497719-3960861739-1001\...\Run: [net.mullvad.vpn] => C:\Program Files\Mullvad VPN\Mullvad VPN.exe [166136320 2023-12-06] (Mullvad VPN) [Brak podpisu cyfrowego] HKU\S-1-5-21-305602353-1245497719-3960861739-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [941416 2022-10-11] (Nota, Inc. -> Nota Inc.) HKU\S-1-5-21-305602353-1245497719-3960861739-1001\...\Run: [MicrosoftEdgeAutoLaunch_6807E98C6840AB80F244EA91A0244843] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-305602353-1245497719-3960861739-1001\...\Run: [Discord] => C:\Users\Sky\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-305602353-1245497719-3960861739-1002\...\Run: [Gyazo] => [X] HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Database.kdbx — skrót .lnk [2019-07-11] <==== UWAGA ShortcutTarget: Database.kdbx — skrót .lnk -> F:\Pulpit\Database.kdbx () [Brak podpisu cyfrowego] <==== UWAGA GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {962DD5C0-6FB4-4BE1-962C-EB5973AECF92} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (Brak pliku) Task: {E15450F9-32B0-42CD-8BED-474D799D969A} - System32\Tasks\AIDA64 AutoStart => C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe [19656656 2018-03-27] (FinalWire Kft. -> FinalWire Ltd.) Task: {6280BE6E-9492-4E0C-98FB-D5F146228FFC} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => "C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --cistrayUI (Brak pliku) Task: {CE2BF243-70A2-4EF9-A0CE-CF328E75182D} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {06A09C0F-DD9C-4191-A670-71115CD78627} (Brak pliku) Task: {B54C24D0-3481-4783-AB5F-1E41834F1B71} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {947247B5-026A-4437-9371-770782BE839D} (Brak pliku) Task: {D5498390-8C5A-486C-8EB1-EC6D11160F65} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} (Brak pliku) Task: {14BCA0A8-2333-4763-A4BD-AF3EC50FF138} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => "C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --telemetry (Brak pliku) Task: {5DDBA56C-1F44-4F90-A519-0E3DE7F00295} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85} (Brak pliku) Task: {037DD923-BBB5-4F5C-8425-47E33DE64327} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5610344 2024-03-13] (Microsoft Windows -> Microsoft Corporation) Task: {87EBF451-43C7-4051-B803-75DBBA99331B} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [11254608 2022-10-11] (Nota, Inc. -> Nota Inc.) Task: {8DD6BACB-984E-491D-B3DD-3266AE2C2F04} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [11254608 2022-10-11] (Nota, Inc. -> Nota Inc.) Task: {47B21D7A-C196-441B-ADBE-575E1C2452F7} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => %windir%\system32\EOSNotify.exe (Brak pliku) Task: {6EC40564-3376-4B2C-ABBD-352ECB6DC64E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D6F13DE2-BB13-4C48-AE9F-F06BE12F120F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4F734E55-E065-4390-A6D0-C54617030531} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {74AD4834-D229-4D7F-B7B7-A113048E1002} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {99101111-EE20-418D-ABA0-3DAD0CA6A00B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (Brak pliku) Task: {3C74CD6D-FE18-4747-9866-5A77C6681909} - System32\Tasks\Mozilla\Firefox Default Browser Agent 7C5FDB9EF3A39DC4 => C:\Users\Sky\AppData\Local\Mozilla Firefox\default-browser-agent.exe [34720 2024-03-13] (Mozilla Corporation -> Mozilla Foundation) Task: {6AD03EE3-0B3D-426D-A838-0F18603D7564} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8DD8D915-235A-42F5-BFC3-711D39F361FB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {284C3D4A-7DEE-4B02-8771-6AA9F2D24B7B} - System32\Tasks\update-S-1-5-21-305602353-1245497719-3960861739-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (Brak pliku) Task: {CD95C7BC-9A86-4EC5-A831-F898C7F13B7F} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (Brak pliku) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\update-S-1-5-21-305602353-1245497719-3960861739-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) ProxyServer: [S-1-5-21-305602353-1245497719-3960861739-1001] => 10.64.0.1:1080 Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{2585e86e-129e-4837-b7c7-acc097c348f4}: [DhcpNameServer] 192.168.118.159 Tcpip\..\Interfaces\{ce5b7189-ff6f-4871-832b-8b16d8e40c0d}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-02] Edge Extension: (uBlock Origin) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-07-02] FireFox: ======== FF DefaultProfile: 4vo9t6je.default FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4vo9t6je.default [2019-11-24] FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2632c4fb.default-release [2023-06-11] FF Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2632c4fb.default-release\Extensions\uBlock0@raymondhill.net.xpi [2019-11-24] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ArmouryLiveUpdate; C:\WINDOWS\System32\DriverStore\FileRepository\rogms.inf_amd64_94d9766656ff6011\ArmouryLiveUpdate.exe [576216 2021-08-30] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S4 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678256 2022-11-29] (ASUSTeK COMPUTER INC. -> ASUS) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3729512 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-03-16] (Malwarebytes Inc. -> Malwarebytes) R2 MullvadVPN; C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe [21429464 2023-12-06] (Mullvad VPN AB -> Mullvad VPN AB) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1500608 2023-09-18] (SteelSeries ApS -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [45696 2018-03-27] (FinalWire Kft. -> ) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2022-10-12] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2022-04-20] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-06-23] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-06-23] (Disc Soft Ltd -> Disc Soft Ltd) S3 madifaceu64; C:\WINDOWS\system32\drivers\madiface_usb_64.sys [335808 2024-01-22] (RME GmbH -> RME) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MpKsl62c7a177; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{90C241F6-DC09-4036-83B7-4336FF1D824E}\MpKslDrv.sys [300312 2024-03-27] (Microsoft Windows -> Microsoft Corporation) R3 mullvad-split-tunnel; C:\Program Files\Mullvad VPN\resources\mullvad-split-tunnel.sys [90736 2023-12-06] (Mullvad VPN AB -> Mullvad VPN AB) S3 MullvadWireGuard; C:\WINDOWS\System32\drivers\mullvad-wireguard.sys [498664 2022-03-17] (Mullvad VPN AB -> WireGuard LLC) S3 ROGKB; C:\WINDOWS\System32\DriverStore\FileRepository\rogkb.inf_amd64_9c19fffb5d62d536\ROGKB.sys [33680 2021-08-30] (ASUSTeK Computer Inc. -> ) S3 ROGMS; C:\WINDOWS\System32\DriverStore\FileRepository\rogms.inf_amd64_94d9766656ff6011\ROGMS.sys [33184 2021-08-30] (ASUSTeK Computer Inc. -> ) S3 smrtkrnl; C:\WINDOWS\System32\Drivers\smrtkrnl.sys [775224 2019-07-24] (Eikonect Software SL -> ) R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [43456 2023-12-19] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS) R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [44480 2024-03-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider) S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project) S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 ToppingUsbAudio; C:\WINDOWS\System32\drivers\ToppingUsbAudio.sys [374824 2019-06-26] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 ToppingUsbAudioks; C:\WINDOWS\System32\drivers\ToppingUsbAudioks.sys [53800 2019-06-26] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [235832 2019-01-28] (Oracle Corporation -> Oracle Corporation) R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation) S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29592 2023-01-30] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) U4 CmdAgent; Brak ImagePath S3 NDivert; \SystemRoot\System32\drivers\NDivert.sys [X] S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-03-27 21:20 - 2024-03-27 21:22 - 000000000 ____D C:\FRST 2024-03-27 21:05 - 2024-03-27 21:05 - 000000000 ____D C:\WINDOWS\Panther 2024-03-20 13:04 - 2024-03-20 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2024-03-19 20:05 - 2024-03-19 20:05 - 000000000 ____D C:\ProgramData\Package Cache 2024-03-19 20:05 - 2024-03-19 20:05 - 000000000 ____D C:\ProgramData\obs-studio-hook 2024-03-16 23:39 - 2024-03-16 23:39 - 000000000 ____D C:\ProgramData\PLUG 2024-03-16 21:44 - 2024-03-16 21:44 - 000000000 ____D C:\ProgramData\USOPrivate 2024-03-16 21:33 - 2024-03-16 21:33 - 000000000 ____D C:\Users\Admin\AppData\Local\T.I.S 2024-03-16 19:35 - 2024-03-16 19:35 - 000000000 ____D C:\Users\Admin\AppData\Roaming\VS Revo Group 2024-03-16 19:06 - 2024-03-16 19:12 - 000189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2024-03-16 19:00 - 2024-03-16 19:00 - 000000000 ____D C:\ProgramData\Origin 2024-03-16 18:58 - 2024-03-16 18:58 - 000000856 _____ C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\procexp64.lnk 2024-03-13 21:35 - 2024-03-27 21:07 - 000000000 ____D C:\Users\Sky\AppData\Local\Mozilla Firefox 2024-03-13 20:26 - 2024-03-13 20:26 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-03-13 20:26 - 2024-03-13 20:26 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-03-13 20:20 - 2024-03-13 20:20 - 000000000 ___HD C:\$WinREAgent 2024-03-04 20:33 - 2024-03-16 19:36 - 000000000 ____D C:\ProgramData\Garmin 2024-03-04 20:33 - 2024-03-04 20:34 - 000000000 ____D C:\Users\Sky\AppData\Local\Garmin 2024-03-04 20:33 - 2024-03-04 20:33 - 000000000 ____D C:\Users\Sky\AppData\Local\Garmin_Ltd._or_its_subsid ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-03-27 21:12 - 2020-09-07 17:20 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-03-27 21:12 - 2019-12-07 16:09 - 000784340 _____ C:\WINDOWS\system32\perfh015.dat 2024-03-27 21:12 - 2019-12-07 16:09 - 000152236 _____ C:\WINDOWS\system32\perfc015.dat 2024-03-27 21:12 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-03-27 21:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-03-27 21:06 - 2021-12-23 19:48 - 000000000 ____D C:\Users\Sky\AppData\Local\Mullvad VPN 2024-03-27 21:05 - 2021-12-23 19:47 - 000000000 ____D C:\ProgramData\Mullvad VPN 2024-03-27 21:05 - 2020-09-07 17:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-03-27 21:05 - 2020-09-07 17:11 - 000008192 ___SH C:\DumpStack.log.tmp 2024-03-27 21:05 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2024-03-27 21:05 - 2018-06-23 10:38 - 000000000 ____D C:\ProgramData\NVIDIA 2024-03-27 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-03-27 20:57 - 2018-07-24 14:05 - 000000000 ____D C:\Users\Sky\AppData\Local\CrashDumps 2024-03-27 20:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-03-27 20:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-03-27 20:52 - 2019-11-24 20:29 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages 2024-03-27 20:51 - 2019-11-24 20:35 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Spelling 2024-03-27 20:50 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-03-27 20:42 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-03-27 20:12 - 2020-09-07 17:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-03-27 17:54 - 2019-05-24 18:46 - 000000000 ____D C:\Users\Sky\AppData\Roaming\qBittorrent 2024-03-27 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2024-03-27 15:06 - 2023-06-11 12:55 - 000000000 ____D C:\Program Files (x86)\Steam 2024-03-27 14:51 - 2018-06-23 11:23 - 000000000 ____D C:\Users\Sky\AppData\Roaming\AIMP 2024-03-26 19:33 - 2022-02-16 08:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-03-26 17:14 - 2020-09-07 17:19 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-03-26 17:14 - 2020-09-07 17:19 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-03-24 17:32 - 2019-06-08 21:25 - 000000000 ____D C:\Users\Sky\AppData\Roaming\vlc 2024-03-23 20:18 - 2021-12-02 19:34 - 000000000 ____D C:\Users\Sky\AppData\Roaming\discord 2024-03-23 20:18 - 2021-12-02 19:34 - 000000000 ____D C:\Users\Sky\AppData\Local\Discord 2024-03-23 11:25 - 2018-08-12 16:24 - 000000000 ____D C:\Users\Sky\AppData\Local\D3DSCache 2024-03-22 07:31 - 2023-12-14 22:33 - 000000000 ____D C:\Program Files\RUXIM 2024-03-21 21:22 - 2023-12-20 10:46 - 000000000 ____D C:\Users\Sky\AppData\Local\Malwarebytes 2024-03-20 13:04 - 2019-06-08 21:18 - 000000000 ____D C:\Program Files\VideoLAN 2024-03-19 20:46 - 2022-12-01 17:11 - 000000000 ____D C:\Users\Sky\AppData\Roaming\steelseries-gg-client 2024-03-19 19:37 - 2020-09-07 17:13 - 000000000 ____D C:\Users\Sky\AppData\Roaming\Microsoft\Windows 2024-03-16 22:23 - 2021-11-09 04:15 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2024-03-16 18:58 - 2021-01-24 15:20 - 000036192 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS 2024-03-16 12:41 - 2023-01-17 09:38 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-03-16 12:41 - 2020-06-21 11:58 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-03-16 12:25 - 2021-09-16 07:01 - 000001322 _____ C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-03-14 19:37 - 2020-09-07 17:11 - 000481920 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-03-13 22:38 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-03-13 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-03-13 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-03-13 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-03-13 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-03-13 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-03-13 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-03-13 22:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2024-03-13 20:26 - 2020-09-07 17:16 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-03-13 20:20 - 2018-07-25 06:51 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-03-13 20:18 - 2018-07-25 06:51 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-03-13 20:17 - 2018-08-12 15:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-03-08 10:23 - 2018-06-23 10:29 - 000000000 ____D C:\Users\Sky\AppData\Local\Packages 2024-03-02 14:51 - 2022-09-06 21:47 - 000000000 ____D C:\Users\Admin\AppData\Local\NVIDIA 2024-03-02 14:51 - 2019-11-24 20:31 - 000000000 ____D C:\Users\Admin\AppData\Local\NVIDIA Corporation 2024-03-02 14:51 - 2018-06-23 10:38 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2024-03-02 14:51 - 2018-06-23 10:37 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2024-03-02 14:51 - 2018-06-23 10:36 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2024-03-02 11:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2024-03-01 10:34 - 2023-09-18 18:35 - 000044480 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys 2024-02-27 20:57 - 2018-08-12 16:08 - 000000000 ___RD C:\Users\Sky\3D Objects ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-12-14 20:45 - 2022-11-22 17:43 - 000007596 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================