Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19.04.2024 01 Uruchomiony przez Knugi (administrator) DESKTOP-PQL0A4D (MSI MS-7A64) (03-05-2024 23:39:25) Uruchomiony z D:\Multimedia\pierwszy taniec\Patryk\FRST\FRST64.exe Załadowane profile: Knugi Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.4291 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (explorer.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\OSCAR Editor X7\OSCAR Editor X7\OscarEditor.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <40> (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2> (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2414.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9050632 2016-11-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [705208 2016-09-23] (A-Volute -> ) HKLM\...\Run: [MouseDriver] => TiltWheelMouse.exe (Brak pliku) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-04-24] (Riot Games, Inc. -> Riot Games, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4514304 2014-08-26] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> ) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-07-27] (PowerISO Computing, Inc.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\Run: [Discord] => C:\Users\Knugi\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\Run: [Knugi] => explorer.exe hxxp://dinoklafbzor.org (Brak pliku) <==== UWAGA HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\Run: [MicrosoftEdgeAutoLaunch_C0EC69E8652424ED8092841AFB8F21AD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4082112 2024-04-26] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\Run: [NoxMultiPlayer] => D:\Program Files\Nox\bin\MultiPlayerManager.exe [3892008 2022-12-07] (Nox Limited -> ) HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\Run: [Opera Browser Assistant] => C:\Users\Knugi\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3916232 2022-12-20] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\Run: [RiotClient] => E:\Riot Games\Riot Client\RiotClientServices.exe [71898448 2024-05-02] (Riot Games, Inc. -> Riot Games, Inc.) HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\Run: [OscarEditor] => C:\Program Files (x86)\OSCAR Editor X7\OSCAR Editor X7\OscarEditor.exe [5861376 2015-04-27] () [Brak podpisu cyfrowego] HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\Run: [Wargaming.net Game Center] => G:\Wargaming.net\GameCenter\wgc.exe [2189080 2024-02-03] (Wargaming Group Limited -> Wargaming.net) HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\MountPoints2: F - "F:\DisneySplash.exe" HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\MountPoints2: M - "M:\Start.exe" HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\MountPoints2: N - "N:\setup.exe" HKU\S-1-5-21-1499004397-2618698325-2207626577-1001\...\MountPoints2: {e181c454-95d8-11ed-9c91-4ccc6abca557} - "M:\RTK_NIC_DRIVER_INSTALLER.sfx.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\124.0.6367.119\Installer\chrmstp.exe [2024-05-03] (Google LLC -> Google LLC) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {99866B7C-4FA5-4343-911B-86D33CB7853E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6441.0{A801DAF2-69B6-465F-94B8-F319325915C8} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC) Task: {64D09502-0BCB-4E31-BCED-C1855527B32C} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation) Task: {9B67F973-EAFE-4279-9D20-A5C12CB10D6F} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64936 2020-11-13] (Microsoft Corporation -> Microsoft) Task: {F0ED3EF3-0715-44D3-AEBB-5C405B8EDA6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {29439E63-95B1-4D19-BB77-C4496A4608AD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A904351D-C51E-464F-BBDB-1BB7F9FD6530} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4164AF6B-F257-489D-8BD2-3B74FFB86049} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DA9114C1-9D49-40F3-BD86-A9280F38DFF6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Brak pliku) Task: {D41B6C51-EAD0-4A09-89A4-A8D519695770} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Brak pliku) Task: {61E973AA-8B3F-4951-B148-80B47575F69D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Brak pliku) Task: {16663230-BB2B-4831-B864-ECEA61D3E3C0} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2039992 2016-09-23] (A-Volute -> ) Task: {05FD46E3-5897-4C28-911D-87AA7827E3EB} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [512184 2016-09-23] (A-Volute -> ) Task: {868A9F42-F691-4A78-A371-586BDF2EA1F7} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [705208 2016-09-23] (A-Volute -> ) Task: {5482117E-8DC7-46B6-B1A3-66AA6BBF2C95} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {6875E708-D56F-4A84-89FD-5C22F6F223B0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {1F645ED4-B1BF-4621-AA2D-E64661536EA2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724328 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DC9AFE3C-DEE0-413E-BA45-09B96709AD97} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702504 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {F3B2A1A2-089A-4A16-9B55-01BDA3C31E92} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {47BECC5D-70AB-4469-B306-67B965BDB2E4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {138CAEA3-B587-4D9C-8AB4-38CF0C673F3B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572456 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4C66F0AF-DE50-4173-A71C-5B35CACB230B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B3274D56-8866-4893-8646-32D03FE70AC6} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\Update Core\/noshim Task: {8BEBE3D0-2667-4865-B8BD-B1410F1DBFAE} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\Update Core\/noshim Task: {BB49DF1B-189E-452E-A578-AA009660FD9F} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\Update Core\/noshim Task: {CD8D347E-B0BD-41AB-BF7E-2874BC09709F} - System32\Tasks\Opera scheduled Autoupdate 1602608204 => C:\Users\Knugi\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5668768 2024-04-25] (Opera Norway AS -> Opera Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: 127.0.0.1 updater4.kilu.de Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{47014a1f-f61b-498d-b0ea-f0345005507b}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{67cf37b1-7c22-4aac-b9e4-dd5c264f8375}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{67cf37b1-7c22-4aac-b9e4-dd5c264f8375}\05F434F4028553020527F6025374: [DhcpNameServer] 192.168.217.240 Tcpip\..\Interfaces\{67cf37b1-7c22-4aac-b9e4-dd5c264f8375}\255646D696: [DhcpNameServer] 192.168.1.194 Tcpip\..\Interfaces\{67cf37b1-7c22-4aac-b9e4-dd5c264f8375}\96E6475627E65647: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{67cf37b1-7c22-4aac-b9e4-dd5c264f8375}\96E6475627E65647: [DhcpDomain] internet.domowy Tcpip\..\Interfaces\{b65a1660-8a87-44ff-b585-cbd2f7e16b76}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{bc045c26-fd3e-42b4-a5d4-4e400f09379a}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{bc045c26-fd3e-42b4-a5d4-4e400f09379a}: [DhcpDomain] internet.domowy Tcpip\..\Interfaces\{cd94d1f8-7de4-49ff-8573-43114eaa7fb6}: [DhcpNameServer] 192.168.121.205 Edge: ======= Edge Profile: C:\Users\Knugi\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-03] Edge Extension: (Dokumenty Google offline) - C:\Users\Knugi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-01] Edge Extension: (Edge relevant text changes) - C:\Users\Knugi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-15] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-02-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-02-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-05] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-05] (Oracle America, Inc. -> Oracle Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Default [2024-05-03] CHR Notifications: Default -> hxxps://6obcy.org; hxxps://jnaza.ethatwasall.work; hxxps://mail.google.com; hxxps://open-fm-01.salesmanagopush.com; hxxps://skript.pl; hxxps://worldbestposts.com; hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://www1.notifinfoback.com; hxxps://www10a.tabathaherman.pro; hxxps://x2convert.com CHR Session Restore: Default -> [funkcja włączona] CHR Extension: (AHA Music - Wyszukiwarka piosenek dla przeglądarki) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2023-09-23] CHR Extension: (Video Downloader Professional) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2024-04-10] CHR Extension: (Dokumenty Google offline) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21] CHR Extension: (Vysor) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-09-04] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Video Ad Block Youtube) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Default\Extensions\okepkpmjhegbhmnnondmminfgfbjddpb [2024-04-30] CHR Profile: C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-23] CHR Profile: C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-04-04] CHR Extension: (Dokumenty Google offline) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-03] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-19] CHR Profile: C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-02-01] CHR Extension: (Prezentacje) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-01] CHR Extension: (Dokumenty) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-01] CHR Extension: (Dysk Google) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-01] CHR Extension: (YouTube) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-01] CHR Extension: (Arkusze) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-01] CHR Extension: (Dokumenty Google offline) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-01] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-01] CHR Extension: (Gmail) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-01] CHR Profile: C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-04-21] CHR Extension: (Dokumenty Google offline) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-04] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-30] CHR Profile: C:\Users\Knugi\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-30] Opera: ======= OPR DefaultProfile: Default ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-06-10] (BattlEye Innovations e.K. -> ) S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] S2 GoogleUpdaterInternalService126.0.6441.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC) S2 GoogleUpdaterService126.0.6441.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC) S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Brak podpisu cyfrowego] S3 Rockstar Service; E:\Program Files\Rockstar Games Launcher\RockstarService.exe [6669296 2024-03-10] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9649288 2024-04-24] (Riot Games, Inc. -> Riot Games, Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [69024 2019-05-29] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com) S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider) R3 MpKsl9b554bb7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9605631C-99C2-400C-B9B4-2A1D9DB1210D}\MpKslDrv.sys [301336 2024-05-03] (Microsoft Windows -> Microsoft Corporation) S3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [1049936 2022-02-25] (Realtek Semiconductor Corp. -> Realtek Corporation) R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [90544 2009-07-27] (Fenghua Lee -> PowerISO Computing, Inc.) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> ) R3 UHSfiltv; C:\WINDOWS\system32\drivers\UHSfiltv.sys [32264 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.) S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49664 2022-07-14] (Microsoft Corporation) [Brak podpisu cyfrowego] R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [21935504 2024-04-24] (Riot Games, Inc. -> Riot Games, Inc.) R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [14464 2011-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation) R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-05-03 23:37 - 2024-05-03 23:39 - 000000000 ____D C:\FRST 2024-05-03 10:32 - 2024-05-03 10:32 - 000000000 _____ C:\Users\Public\Documents\CcAddAppList.mod 2024-05-03 10:26 - 2024-05-03 10:32 - 000000000 _____ C:\ProgramData\CcAddAppList.mod 2024-05-03 00:30 - 2024-05-03 00:30 - 000000000 ___HD C:\$WinREAgent 2024-05-03 00:28 - 2024-05-03 00:28 - 001493553 _____ C:\Ralink_Win764.zip 2024-05-02 20:15 - 2024-05-03 10:32 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2024-05-02 20:14 - 2024-05-02 20:14 - 000000000 ____D C:\Program Files\Riot Vanguard 2024-04-24 11:13 - 2024-04-24 11:13 - 002472616 _____ C:\Users\Knugi\Downloads\SOLARMAN-DTSD422-D-Instrukcja-pl2.pdf 2024-04-24 11:13 - 2024-04-24 11:13 - 001926857 _____ C:\Users\Knugi\Downloads\SOLARMAN-DTSD422-D3-Karta-produktu-pl4.pdf 2024-04-09 21:53 - 2024-04-09 21:53 - 000020861 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-04-09 21:53 - 2024-04-09 21:53 - 000020861 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-04-04 01:13 - 2024-04-04 01:13 - 001263374 _____ C:\Users\Knugi\Desktop\LR4-72HPH-450M_karta.prod.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-05-03 22:54 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-05-03 22:20 - 2019-02-22 21:30 - 000000000 ____D C:\ProgramData\NVIDIA 2024-05-03 16:05 - 2021-03-09 00:46 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-05-03 16:05 - 2019-12-07 17:09 - 000784340 _____ C:\WINDOWS\system32\perfh015.dat 2024-05-03 16:05 - 2019-12-07 17:09 - 000152236 _____ C:\WINDOWS\system32\perfc015.dat 2024-05-03 16:05 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2024-05-03 16:02 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-05-03 16:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-05-03 10:33 - 2019-02-22 20:58 - 000000000 ____D C:\Users\Knugi\AppData\Local\Packages 2024-05-03 10:32 - 2024-02-26 07:24 - 000000000 ____D C:\Users\Knugi\AppData\Roaming\riot-client-ux 2024-05-03 10:32 - 2020-11-13 21:15 - 000001799 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk 2024-05-03 10:32 - 2020-11-13 21:13 - 000001359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2024-05-03 10:32 - 2020-06-02 20:00 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-05-03 10:32 - 2019-12-07 17:43 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk 2024-05-03 10:32 - 2019-02-28 20:45 - 000000000 ____D C:\ProgramData\Riot Games 2024-05-03 10:32 - 2019-02-24 15:35 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2024-05-03 10:32 - 2019-02-22 21:12 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2024-05-03 10:26 - 2021-11-04 19:26 - 000001189 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2024-05-03 10:26 - 2020-02-09 15:58 - 000001950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk 2024-05-03 01:59 - 2021-03-09 00:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-05-03 00:40 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-05-03 00:20 - 2023-02-09 19:03 - 000000000 ____D C:\Program Files\dotnet 2024-05-03 00:20 - 2019-02-22 21:06 - 000000000 ____D C:\ProgramData\Package Cache 2024-05-03 00:16 - 2021-12-18 17:25 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-05-03 00:16 - 2019-02-22 21:14 - 000002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-05-03 00:16 - 2019-02-22 21:14 - 000002309 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-05-02 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2024-05-02 20:15 - 2021-03-09 00:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-05-02 20:15 - 2021-03-09 00:36 - 000008192 ___SH C:\DumpStack.log.tmp 2024-05-02 20:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2024-05-02 20:14 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2024-05-01 22:03 - 2019-03-26 21:12 - 000000000 ____D C:\Program Files (x86)\Steam 2024-05-01 21:15 - 2024-02-24 15:19 - 000000000 ____D C:\Users\Knugi\Desktop\kolorowanki 2024-05-01 21:15 - 2019-05-23 13:32 - 000023707 _____ C:\WINDOWS\BRRBCOM.INI 2024-05-01 21:00 - 2019-11-18 14:56 - 000000000 ____D C:\Program Files\Cheat Engine 7.0 2024-04-30 15:39 - 2023-11-27 22:39 - 000011056 _____ C:\Users\Knugi\Desktop\Nowy OpenDocument Arkusz kalkulacyjny.ods 2024-04-30 10:19 - 2023-02-05 17:58 - 000004308 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1602608204 2024-04-30 10:19 - 2020-10-13 18:56 - 000001435 _____ C:\Users\Knugi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2024-04-28 21:44 - 2021-12-12 22:29 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1499004397-2618698325-2207626577-1001 2024-04-28 21:44 - 2021-03-09 00:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1499004397-2618698325-2207626577-1001 2024-04-28 21:44 - 2021-03-09 00:38 - 000002472 _____ C:\Users\Knugi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-04-25 22:01 - 2020-05-28 21:36 - 000000000 ____D C:\Users\Knugi\AppData\Local\Nox 2024-04-25 21:33 - 2022-12-28 21:38 - 000000000 ____D C:\Users\Knugi\Desktop\PokemonBot 2024-04-25 19:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat 2024-04-24 10:49 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-04-24 07:23 - 2021-03-09 00:36 - 000296360 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-04-24 07:22 - 2023-12-15 22:13 - 000000000 ____D C:\WINDOWS\InboxApps 2024-04-24 07:22 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-04-24 07:22 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2024-04-24 07:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-04-24 07:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-04-24 07:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-04-24 07:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2024-04-24 07:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-04-24 07:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2024-04-24 07:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-04-18 08:34 - 2022-04-20 22:15 - 000000000 ____D C:\Users\Knugi\Desktop\kornel 2024-04-17 23:21 - 2019-05-30 21:05 - 000000000 ____D C:\Users\Knugi\AppData\Roaming\Discord 2024-04-17 22:57 - 2019-05-30 21:05 - 000000000 ____D C:\Users\Knugi\AppData\Local\Discord 2024-04-15 23:24 - 2019-03-10 10:46 - 000000000 ____D C:\Users\Knugi\AppData\Local\D3DSCache 2024-04-14 20:00 - 2019-05-30 21:05 - 000002276 _____ C:\Users\Knugi\Desktop\Discord.lnk 2024-04-10 18:17 - 2019-03-03 17:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-04-09 21:53 - 2021-03-09 00:37 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-04-09 20:30 - 2019-02-22 21:55 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-04-09 20:27 - 2019-02-22 21:55 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-04-09 20:19 - 2023-05-11 11:14 - 000000000 ____D C:\Users\Knugi\Desktop\tata 2024-04-04 20:41 - 2021-03-09 00:44 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-04-04 20:41 - 2021-03-09 00:44 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore ==================== Pliki w katalogu głównym wybranych folderów ======== 2023-11-15 00:00 - 2023-11-18 14:01 - 000000002 _____ () C:\Users\Knugi\AppData\Roaming\ExplorerFavorites.txt 2019-03-06 23:18 - 2023-08-23 21:16 - 000000889 _____ () C:\Users\Knugi\AppData\Roaming\jd-gui.cfg 2019-05-01 21:21 - 2021-05-04 20:28 - 000004608 _____ () C:\Users\Knugi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-05-25 14:10 - 2019-05-25 14:10 - 000000001 _____ () C:\Users\Knugi\AppData\Local\llftool.4.40.agreement 2019-05-13 17:38 - 2019-05-15 20:16 - 000000128 _____ () C:\Users\Knugi\AppData\Local\PUTTY.RND 2019-02-23 23:48 - 2024-01-30 02:43 - 000007596 _____ () C:\Users\Knugi\AppData\Local\Resmon.ResmonCfg 2021-01-26 21:31 - 2021-01-26 21:31 - 000000003 _____ () C:\Users\Knugi\AppData\Local\updater.log 2022-09-19 17:41 - 2022-09-19 17:43 - 000000069 _____ () C:\Users\Knugi\AppData\Local\update_progress.txt 2021-01-26 21:31 - 2021-01-26 21:31 - 000000424 _____ () C:\Users\Knugi\AppData\Local\UserProducts.xml ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================