Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 12-03-2023 Uruchomiony przez aandr (administrator) DESKTOP-SE3F40D (Micro-Star International Co., Ltd MS-7B86) (13-03-2023 15:13:01) Uruchomiony z C:\Users\aandr\Downloads Załadowane profile: aandr Platform: Microsoft Windows 11 Home Wersja 22H2 22621.1344 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe (C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTuneService.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\AOC G-Menu\CTHelper.exe (cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (DriverStore\FileRepository\u0385558.inf_amd64_a02c8b890e9f278a\B385477\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0385558.inf_amd64_a02c8b890e9f278a\B385477\atieclxx.exe (explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\71.0.3.0\crashpad_handler.exe <2> (explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe <7> (explorer.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTune.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (services.exe ->) (ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe (services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0385558.inf_amd64_a02c8b890e9f278a\B385477\atiesrxx.exe (services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe (services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe (services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe (services.exe ->) (Podatnik S.A. -> Podatnik S.A.) C:\Program Files (x86)\Podatnik.info\PIT pro 2021\pproupd.exe (services.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTuneService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_eb52bf0d4dccfcf3\RtkAudUService64.exe <2> (sihost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (svchost.exe ->) (IntegrityCheck) [Brak podpisu cyfrowego] C:\Users\aandr\AppData\Roaming\IntegrityCheck\IntegrityCheck.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\aandr\AppData\Local\Microsoft\OneDrive\23.043.0226.0001\FileCoAuth.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.5900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_eb52bf0d4dccfcf3\RtkAudUService64.exe [3479488 2022-04-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AOC G-Menu] => C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTune.exe [5588768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) HKLM\...\Run: [DisplayTune.exe] => C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTune.exe [5588768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) HKLM-x32\...\Run: [WidgetPodatnikInfo] => C:\Program Files (x86)\Podatnik.info\PIT pro 2021\Widget.exe [270248 2023-03-04] (Podatnik S.A. -> Podatnik S.A.) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126403424 2022-03-21] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe [123464016 2022-11-14] (GN AUDIO A/S -> GN Audio A/S) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-03-04] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-03-04] (Google LLC -> Google, Inc.) HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-03-04] (Google LLC -> Google, Inc.) HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4253032 2023-02-14] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Run: [FACEIT] => C:\Users\aandr\AppData\Local\FACEIT\update.exe [2278576 2022-07-30] (FACE IT LIMITED -> ) HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Run: [Discord] => C:\Users\aandr\AppData\Local\Discord\Update.exe [1525032 2022-08-08] (Discord Inc. -> GitHub) HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Run: [MicrosoftEdgeAutoLaunch_0161A854AD8EBB4DB3F7D07CA14F66CD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (Brak pliku) HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Run: [G-Menu] => C:\G-Menu\G-Menu.exe --openAsHidden (Brak pliku) HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Policies\Explorer\DisallowRun: [1] Autoruns.exe HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Policies\Explorer\DisallowRun: [2] Autoruns64.exe HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Policies\Explorer\DisallowRun: [3] Autoruns64a.exe HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Policies\Explorer\DisallowRun: [4] autorunsc.exe HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Policies\Explorer\DisallowRun: [5] autorunsc64.exe HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Policies\Explorer\DisallowRun: [6] autorunsc64a.exe HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Policies\Explorer\DisallowRun: [7] RogueKiller_setup.exe HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Policies\Explorer\DisallowRun: [8] taskschd.msc HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Policies\Explorer\DisallowRun: [9] mmc.exe HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-03-04] (Google LLC -> Google, Inc.) HKLM\...\Print\Monitors\PDF-XChange5-ABBYY-FR15: C:\Windows\system32\pxc50pmaf15.dll [57328 2018-12-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3 HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.64\Installer\chrmstp.exe [2023-03-10] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0B98B809-4BF6-4752-A22C-F4356D845D50} - System32\Tasks\TempClean2 => "wevtutil.exe" cl System Task: {1F980E09-2EFD-4B3B-9B6F-7829F7E7DEB3} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe (Brak pliku) Task: {2163C846-7E71-445C-89F5-3D6E1FBB7FE5} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic) Task: {25DE426B-75B2-4B2B-9AD7-DCFCE9F7A440} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-04] (Microsoft Corporation -> Microsoft Corporation) Task: {2A232D42-9091-4869-AEE1-0AEA8695D6F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-16] (Google LLC -> Google LLC) Task: {404E7860-5D1D-46B0-AF11-81112AE9CE4E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4D504CDC-E9F2-44F5-B8B2-E59513F9719D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-04] (Microsoft Corporation -> Microsoft Corporation) Task: {5BCBEA7D-CF53-4A02-B4AD-4F569A440A81} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {80B8F0E6-6531-4CFB-8AD9-C2DB7AB8BCC9} - System32\Tasks\TempClean3 => "vssadmin.exe" delete shadows /all /quiet Task: {845BCBDF-9E31-48A6-BDC4-86F1E2B7A6F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {85B1B321-850F-45FB-981E-4EE5113AD277} - System32\Tasks\TempClean1 => "wevtutil.exe" cl Application Task: {A30EC73A-06F1-402D-BB26-FCC7A0ACFA1C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-04] (Microsoft Corporation -> Microsoft Corporation) Task: {A799123F-C205-43A1-BD1D-97E903CC5668} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B1A52C9B-82C6-4146-8001-98FABFF88A1D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954808 2022-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {BD741302-9242-4B17-8B47-2D3C56342422} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-16] (Google LLC -> Google LLC) Task: {BEB91D8A-91FE-4725-B73A-508BFC523C2F} - System32\Tasks\IntegrityCheck => C:\Users\aandr\AppData\Roaming\IntegrityCheck\IntegrityCheck.exe [275193686 2021-12-14] (IntegrityCheck) [Brak podpisu cyfrowego] <==== UWAGA Task: {CCD7236D-24E2-46D1-A00D-DD024CDC325B} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic) Task: {E4BD11D7-AA57-499E-8286-0C7D95316042} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-04] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{c801737e-e8ee-4911-8d78-4dd431eeca3f}: [DhcpNameServer] 192.168.0.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\aandr\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-23] FireFox: ======== FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\aandr\AppData\Local\Google\Chrome\User Data\Default [2023-03-13] CHR Notifications: Default -> hxxps://app.revolut.com; hxxps://www.faceit.com; hxxps://www.filmweb.pl CHR HomePage: Default -> hxxps://www.google.pl/ CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com/","hxxps://nokia.sharepoint.com/sites/nokiacentral","hxxps://newtab.club/" CHR Session Restore: Default -> [funkcja włączona] CHR Extension: (Polska Ciasteczkowa Zgoda) - C:\Users\aandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniijddcmabghibaojbkbnngbedopbno [2022-10-08] CHR Extension: (uBlock Origin) - C:\Users\aandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-03-06] CHR Extension: (alerabat.com | kupony i cashback) - C:\Users\aandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacdinoicboceafielngnmjjplncljhj [2023-01-17] CHR Extension: (Chrome Remote Desktop) - C:\Users\aandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-08] CHR Extension: (MetaMask) - C:\Users\aandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-02-21] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\aandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-24] CHR Extension: (Enhancer for YouTube™) - C:\Users\aandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle [2023-01-09] CHR HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ABBYY.Licensing.FineReader.15.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe [1050864 2020-08-06] (ABBYY Production LLC -> ABBYY Production LLC) R2 AOCDTAOCGMenuService; C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTuneService.exe [212768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8926168 2021-11-14] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512256 2023-03-04] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-07-27] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.) S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [25620360 2022-09-18] (FACE IT LIMITED -> ) S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-05] (Microsoft Windows -> Microsoft Corporation) R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic) S3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [310136 2021-06-11] (nordvpn s.a. -> TEFINCOM S.A.) R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [254328 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.) S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2579264 2023-02-07] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497800 2023-02-07] (Electronic Arts, Inc. -> Electronic Arts) R2 pproupd; C:\Program Files (x86)\Podatnik.info\PIT pro 2021\pproupd.exe [63912 2023-03-04] (Podatnik S.A. -> Podatnik S.A.) S3 Rockstar Service; D:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2703192 2022-12-30] (Rockstar Games, Inc. -> Rockstar Games) R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2023-03-04] (Microsoft Windows -> Microsoft Corporation) S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2021-12-13] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-07-20] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 VBoxSDS; D:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [749136 2022-09-01] (Oracle Corporation -> Oracle Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe [3224328 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe [133592 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation) R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [140376 2023-03-04] (Microsoft Windows -> Microsoft Corporation) S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8491720 2021-12-06] (PUBG CORPORATION -> PUBG Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35344 2022-09-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [27256 2022-01-27] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices) S3 AmdTools64ICD; C:\WINDOWS\System32\drivers\AmdTools64ICD.sys [63408 2020-05-27] (Microsoft Windows Hardware Compatibility Publisher -> ) R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0385558.inf_amd64_a02c8b890e9f278a\B385477\amdkmdag.sys [94633328 2022-11-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-05] (Microsoft Windows -> Microsoft Corporation) R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [17944 2021-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.) R1 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [16516168 2022-09-18] (Microsoft Windows Hardware Compatibility Publisher -> ) R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218464 2023-02-06] (Microsoft Windows -> Microsoft Corporation) S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [38544 2018-12-13] (Feature Integration Technology Inc -> FINTEK Corp.) R2 mi2c; C:\WINDOWS\system32\drivers\mi2c.sys [20784 2023-03-13] (AOC International (Europe) GmbH -> Nicomsoft Ltd.) S3 MpKsl42eb1637; C:\Windows\system32\MpEngineStore\MpKslDrv.sys [134376 2021-12-23] (Microsoft Windows -> Microsoft Corporation) R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider) R2 NDivert; C:\Program Files\NordVPN\7.4.7.0\Drivers\NDivert.sys [131472 2022-06-28] (nordvpn s.a. -> Nordvpn S.A.) R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.) R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2020-07-19] (CACE Technologies, Inc. -> CACE Technologies, Inc.) S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.) S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> ) R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_d6ca2f87b60a5c22\rt68cx21x64.sys [713152 2022-10-18] (Realtek Semiconductor Corp. -> Realtek) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> ) R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [49744 2022-07-14] (nordvpn s.a. -> The OpenVPN Project) S3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2021-01-15] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [242624 2022-09-01] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [252528 2022-09-01] (Oracle Corporation -> Oracle Corporation) R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1081560 2022-09-01] (Oracle Corporation -> Oracle Corporation) S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2022-05-07] (Microsoft Windows -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49624 2023-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [495912 2023-03-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-07] (Microsoft Windows -> Microsoft Corporation) S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2023-02-10] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2023-03-04] (Microsoft Windows -> Microsoft Corporation) S1 epp; \??\C:\EEK\bin64\epp.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-03-13 15:13 - 2023-03-13 15:13 - 000026261 _____ C:\Users\aandr\Downloads\FRST.txt 2023-03-13 15:12 - 2023-03-13 15:13 - 000000000 ____D C:\FRST 2023-03-13 15:11 - 2023-03-13 15:11 - 002378752 _____ (Farbar) C:\Users\aandr\Downloads\FRST64.exe 2023-03-13 15:01 - 2023-03-13 15:01 - 000798244 _____ C:\WINDOWS\system32\perfh015.dat 2023-03-13 15:01 - 2023-03-13 15:01 - 000158294 _____ C:\WINDOWS\system32\perfc015.dat 2023-03-13 14:48 - 2023-03-13 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOC G-Menu 2023-03-13 14:48 - 2023-03-13 14:48 - 000000000 ____D C:\Program Files\Portrait Displays 2023-03-13 14:45 - 2023-03-13 14:45 - 001078633 _____ C:\Users\aandr\Downloads\Screen +.zip 2023-03-13 14:44 - 2023-03-13 14:44 - 014676008 _____ (Portrait Displays, Inc.) C:\Users\aandr\Downloads\AOC_G_Menu_Setup.exe 2023-03-13 14:40 - 2023-03-13 14:45 - 000000000 ____D C:\Program Files (x86)\i-Menu 2023-03-13 14:40 - 2023-03-13 14:40 - 000020784 _____ (Nicomsoft Ltd.) C:\WINDOWS\system32\Drivers\mi2c.sys 2023-03-13 13:55 - 2023-03-13 14:45 - 000000000 ____D C:\Users\aandr\AppData\Roaming\G-Menu 2023-03-13 13:55 - 2023-03-13 13:56 - 000000000 ____D C:\Users\aandr\AppData\Roaming\G_Menu 2023-03-13 13:55 - 2023-03-13 13:55 - 000000000 ____D C:\Users\aandr\AppData\Local\g-menu-updater 2023-03-13 13:55 - 2023-03-13 13:55 - 000000000 ____D C:\Users\aandr\AppData\Local\ASP.NET 2023-03-13 13:54 - 2023-03-13 14:45 - 000000000 ____D C:\G-Menu 2023-03-13 13:54 - 2023-03-13 13:54 - 130834248 _____ (AOC) C:\Users\aandr\Downloads\G-Menu_Setup_3.13.0.exe 2023-03-13 13:50 - 2023-03-13 13:50 - 000000000 ____D C:\Users\aandr\AppData\LocalLow\AMD 2023-03-13 13:49 - 2023-03-13 13:49 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2023-03-13 13:48 - 2023-03-13 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool 2023-03-13 13:47 - 2023-03-13 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ PRO Edition 2023-03-13 13:47 - 2022-11-10 22:17 - 000801200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2023-03-13 13:47 - 2022-11-10 22:17 - 000678320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2023-03-13 13:47 - 2022-11-10 22:17 - 000606120 _____ C:\WINDOWS\system32\GameManager64.dll 2023-03-13 13:47 - 2022-11-10 22:17 - 000546704 _____ C:\WINDOWS\system32\libsmi_guest.dll 2023-03-13 13:47 - 2022-11-10 22:17 - 000542088 _____ C:\WINDOWS\system32\dgtrayicon.exe 2023-03-13 13:47 - 2022-11-10 22:17 - 000521136 _____ C:\WINDOWS\system32\libsmi_host.dll 2023-03-13 13:47 - 2022-11-10 22:17 - 000502144 _____ C:\WINDOWS\system32\EEURestart.exe 2023-03-13 13:47 - 2022-11-10 22:17 - 000459648 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2023-03-13 13:47 - 2022-11-10 22:17 - 000206216 _____ C:\WINDOWS\system32\mantle64.dll 2023-03-13 13:47 - 2022-11-10 22:17 - 000185736 _____ C:\WINDOWS\system32\mantleaxl64.dll 2023-03-13 13:47 - 2022-11-10 22:17 - 000163208 _____ C:\WINDOWS\SysWOW64\mantle32.dll 2023-03-13 13:47 - 2022-11-10 22:17 - 000147312 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll 2023-03-13 13:47 - 2022-11-10 22:17 - 000051120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2023-03-13 13:47 - 2022-11-10 22:17 - 000048008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2023-03-13 13:47 - 2022-11-10 22:16 - 000360800 _____ C:\WINDOWS\system32\clinfo.exe 2023-03-13 13:47 - 2022-11-10 22:15 - 000183648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2023-03-13 13:47 - 2022-11-10 22:15 - 000146816 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2023-03-13 13:47 - 2022-11-10 22:14 - 000170848 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2023-03-13 13:47 - 2022-11-10 22:13 - 075124064 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll 2023-03-13 13:47 - 2022-11-10 22:13 - 000940416 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2023-03-13 13:47 - 2022-11-10 22:13 - 000535424 _____ C:\WINDOWS\system32\atieah64.exe 2023-03-13 13:47 - 2022-11-10 22:13 - 000472912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2023-03-13 13:47 - 2022-11-10 22:13 - 000404304 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2023-03-13 13:47 - 2022-11-10 22:13 - 000266152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2023-03-13 13:47 - 2022-11-10 22:13 - 000226688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2023-03-13 13:47 - 2022-11-10 22:13 - 000210096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2023-03-13 13:47 - 2022-11-10 22:13 - 000172984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2023-03-13 13:47 - 2022-11-10 22:13 - 000144208 _____ C:\WINDOWS\system32\atidxx64.dll 2023-03-13 13:47 - 2022-11-10 22:13 - 000118096 _____ C:\WINDOWS\SysWOW64\atidxx32.dll 2023-03-13 13:47 - 2022-11-10 22:13 - 000074608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2023-03-13 13:47 - 2022-11-10 22:12 - 091458912 _____ C:\WINDOWS\system32\amd_comgr.dll 2023-03-13 13:47 - 2022-11-10 22:11 - 000138160 _____ C:\WINDOWS\system32\amdxc64.dll 2023-03-13 13:47 - 2022-11-10 22:11 - 000113544 _____ C:\WINDOWS\SysWOW64\amdxc32.dll 2023-03-13 13:47 - 2022-11-10 22:09 - 006997424 _____ C:\WINDOWS\system32\amdsmi.exe 2023-03-13 13:47 - 2022-11-10 22:08 - 000942992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2023-03-13 13:47 - 2022-11-10 22:07 - 001719776 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll 2023-03-13 13:47 - 2022-11-10 22:07 - 001395816 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll 2023-03-13 13:47 - 2022-11-10 22:07 - 000770952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2023-03-13 13:47 - 2022-11-10 22:07 - 000470928 _____ C:\WINDOWS\system32\amdlogum.exe 2023-03-13 13:47 - 2022-11-10 22:07 - 000167016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2023-03-13 13:47 - 2022-11-10 22:07 - 000136448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2023-03-13 13:47 - 2022-11-10 22:06 - 000186920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll 2023-03-13 13:47 - 2022-11-10 22:05 - 000567720 _____ C:\WINDOWS\system32\amdmiracast.dll 2023-03-13 13:47 - 2022-11-10 22:05 - 000176936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2023-03-13 13:47 - 2022-11-10 22:05 - 000167048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2023-03-13 13:47 - 2022-11-10 22:05 - 000151080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2023-03-13 13:47 - 2022-11-10 22:05 - 000136456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2023-03-13 13:47 - 2022-11-10 22:04 - 010567592 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll 2023-03-13 13:47 - 2022-11-10 22:04 - 000568192 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2023-03-13 13:47 - 2022-11-10 22:04 - 000432016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2023-03-13 13:47 - 2022-11-10 21:41 - 080582784 _____ C:\WINDOWS\system32\amdxc64.so 2023-03-13 13:47 - 2022-10-25 19:16 - 002978040 _____ (AMD Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe 2023-03-13 13:44 - 2023-03-13 13:44 - 000003502 _____ C:\WINDOWS\system32\Tasks\AMDInstallUEP 2023-03-13 13:43 - 2023-03-13 13:47 - 000000000 ____D C:\Program Files\AMD 2023-03-12 21:13 - 2023-03-12 21:13 - 000027048 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_89616231917720.dll 2023-03-09 21:16 - 2023-03-09 21:16 - 000027048 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_54029536663841.dll 2023-03-07 21:07 - 2023-03-07 21:07 - 000027048 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_337433884020.dll 2023-03-07 20:53 - 2023-03-07 20:53 - 000027048 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_21351856517165.dll 2023-03-07 18:19 - 2023-03-06 19:43 - 001537936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2023-03-07 18:19 - 2023-03-06 19:43 - 001537936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2023-03-07 18:19 - 2023-03-06 19:36 - 004349376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll 2023-03-07 18:19 - 2023-03-06 19:36 - 004155792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll 2023-03-07 18:15 - 2023-03-13 13:46 - 000000000 ____D C:\AMD 2023-03-06 16:17 - 2023-03-06 16:17 - 000027048 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_30426232364216.dll 2023-03-06 10:43 - 2023-03-06 10:43 - 000027048 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_276652349514.dll 2023-03-06 09:43 - 2023-03-06 09:43 - 000027048 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_6626671251642.dll 2023-03-06 07:52 - 2023-03-06 07:52 - 000027048 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_16055523957674.dll 2023-03-05 03:01 - 2023-03-05 03:01 - 000000000 ____D C:\Users\aandr\AppData\Local\DBG 2023-03-05 01:41 - 2023-03-05 01:41 - 000003578 _____ C:\WINDOWS\system32\Tasks\IntegrityCheck 2023-03-05 01:41 - 2023-03-05 01:41 - 000003250 _____ C:\WINDOWS\system32\Tasks\TempClean3 2023-03-05 01:41 - 2023-03-05 01:41 - 000003226 _____ C:\WINDOWS\system32\Tasks\TempClean1 2023-03-05 01:41 - 2023-03-05 01:41 - 000003216 _____ C:\WINDOWS\system32\Tasks\TempClean2 2023-03-05 01:28 - 2023-03-05 01:28 - 000000000 ____D C:\Users\aandr\AppData\Local\FLiNGTrainer 2023-03-05 00:51 - 2023-03-05 00:51 - 000208896 _____ C:\Users\aandr\AppData\Roaming\emp.bin 2023-03-04 23:00 - 2023-03-04 23:00 - 000000000 ____D C:\WINDOWS\system32\A-Volute 2023-03-04 23:00 - 2023-03-04 23:00 - 000000000 ____D C:\ProgramData\A-Volute 2023-03-04 22:58 - 2022-04-11 16:33 - 006189504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2023-03-04 22:42 - 2023-02-24 00:44 - 002248024 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2023-03-04 22:42 - 2023-02-24 00:44 - 002248024 _____ C:\WINDOWS\system32\vulkaninfo.exe 2023-03-04 22:42 - 2023-02-24 00:44 - 001654664 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2023-03-04 22:42 - 2023-02-24 00:44 - 001654664 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2023-03-04 22:42 - 2023-02-24 00:44 - 001472944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2023-03-04 22:42 - 2023-02-24 00:44 - 001472944 _____ C:\WINDOWS\system32\vulkan-1.dll 2023-03-04 22:42 - 2023-02-24 00:44 - 001196368 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2023-03-04 22:42 - 2023-02-24 00:44 - 001196368 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2023-03-04 22:42 - 2023-02-24 00:41 - 000524168 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2023-03-04 22:42 - 2023-02-24 00:41 - 000389512 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2023-03-04 22:42 - 2023-02-24 00:38 - 002266504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll 2023-03-04 22:42 - 2023-02-24 00:38 - 001320288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll 2023-03-04 22:42 - 2023-02-24 00:38 - 001048968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll 2023-03-04 22:42 - 2022-11-10 22:06 - 000231744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll 2023-03-04 22:19 - 2023-03-04 22:19 - 000000000 ___HD C:\$WinREAgent 2023-02-25 15:47 - 2023-03-05 00:44 - 000000000 ____D C:\ProgramData\Hogwarts Legacy 2023-02-25 15:47 - 2023-02-25 15:47 - 000000000 ____D C:\Users\aandr\AppData\Local\Phoenix 2023-02-22 12:11 - 2023-02-13 15:52 - 000132544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2023-02-22 12:11 - 2023-02-13 15:52 - 000108448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2023-02-20 05:21 - 2023-02-20 05:21 - 000007277 _____ C:\WINDOWS\Info.xml 2023-02-17 17:32 - 2023-02-17 17:47 - 000000000 ____D C:\ProgramData\HP 2023-02-17 17:27 - 2023-02-17 17:27 - 000038528 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUpx.sys 2023-02-17 17:27 - 2023-02-17 17:27 - 000015144 _____ (Windows (R) 2003 DDK 3790 provider) C:\WINDOWS\SysWOW64\Drivers\rtport64.sys ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-03-13 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-03-13 15:01 - 2022-10-05 09:44 - 001797768 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-03-13 15:01 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF 2023-03-13 14:58 - 2022-10-05 09:37 - 000000000 ____D C:\Users\aandr\AppData\Local\D3DSCache 2023-03-13 14:56 - 2020-07-16 02:22 - 000000000 ____D C:\Program Files (x86)\Google 2023-03-13 14:54 - 2022-10-05 01:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-03-13 14:54 - 2022-10-05 01:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-03-13 14:54 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-03-13 14:54 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-03-13 14:54 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-03-13 14:54 - 2020-07-16 05:07 - 000012288 ___SH C:\DumpStack.log.tmp 2023-03-13 14:54 - 2020-07-15 23:16 - 000000000 ___RD C:\Users\aandr\OneDrive 2023-03-13 14:48 - 2023-01-25 10:36 - 000000000 ____D C:\ProgramData\Portrait Displays 2023-03-13 13:53 - 2021-02-06 11:54 - 000000000 ____D C:\Users\aandr\AppData\Local\AMD_Common 2023-03-13 13:51 - 2021-12-15 15:48 - 000000000 ____D C:\Users\aandr\AppData\Local\AMD 2023-03-13 13:47 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps 2023-03-13 13:47 - 2020-07-16 05:42 - 000000000 ____D C:\Program Files (x86)\AMD 2023-03-13 13:47 - 2020-07-15 23:14 - 000000000 ____D C:\Users\aandr\AppData\Local\Packages 2023-03-13 13:41 - 2020-07-17 11:16 - 000000000 ____D C:\Users\aandr\AppData\Roaming\TS3Client 2023-03-13 00:18 - 2022-10-05 01:38 - 000000000 ____D C:\Users\aandr 2023-03-13 00:04 - 2022-10-20 00:46 - 000000000 ____D C:\Users\aandr\AppData\Roaming\vlc 2023-03-12 19:33 - 2022-10-06 13:26 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-03-09 22:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState 2023-03-09 11:47 - 2022-10-05 01:42 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1917826487-3454705426-1309254147-1001 2023-03-09 11:47 - 2022-10-05 01:42 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1917826487-3454705426-1309254147-1001 2023-03-09 11:47 - 2020-07-15 23:13 - 000002427 _____ C:\Users\aandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-03-07 22:36 - 2021-02-25 15:29 - 000000000 ____D C:\Users\aandr\AppData\Local\CrashDumps 2023-03-07 18:22 - 2020-07-15 23:15 - 000000000 ____D C:\ProgramData\Packages 2023-03-07 18:12 - 2020-07-16 05:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-03-06 19:43 - 2022-10-08 23:12 - 002018712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2023-03-06 18:18 - 2022-10-08 17:58 - 000000000 ____D C:\Users\aandr\AppData\Local\Discord 2023-03-06 18:18 - 2020-07-17 00:41 - 000000000 ____D C:\Users\aandr\AppData\Roaming\discord 2023-03-06 07:54 - 2022-07-12 20:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2023-03-05 03:00 - 2022-08-23 12:01 - 000000000 ____D C:\Users\aandr\Desktop\games 2023-03-05 02:47 - 2022-10-08 20:08 - 000000000 ____D C:\Users\aandr\AppData\Roaming\qBittorrent 2023-03-04 23:06 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-03-04 22:58 - 2020-07-16 05:46 - 000000000 ___HD C:\Program Files (x86)\Temp 2023-03-04 22:58 - 2020-07-16 05:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2023-03-04 22:57 - 2022-10-05 01:38 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK 2023-03-04 22:54 - 2020-07-16 05:45 - 000000000 ____D C:\Program Files (x86)\Realtek 2023-03-04 22:27 - 2022-10-05 01:38 - 000497496 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\lxss 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-03-04 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-03-04 22:24 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-03-04 22:21 - 2022-10-05 01:40 - 003211264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-03-04 21:22 - 2022-10-05 01:42 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-03-04 21:22 - 2022-10-05 01:42 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-03-04 21:22 - 2022-04-05 14:05 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2023-03-04 21:22 - 2021-09-13 17:56 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk 2023-03-04 21:22 - 2021-09-13 17:56 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2023-03-04 21:22 - 2021-09-13 17:56 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk 2023-02-25 15:47 - 2020-07-16 10:43 - 000000000 ____D C:\Users\aandr\AppData\Local\UnrealEngine 2023-02-23 13:07 - 2021-09-25 14:47 - 000000000 ____D C:\Users\aandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2023-02-23 13:00 - 2022-07-30 17:00 - 000000000 ____D C:\Users\aandr\AppData\Roaming\Code 2023-02-23 13:00 - 2022-07-30 16:41 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2023-02-23 11:35 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2023-02-16 00:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup 2023-02-15 20:36 - 2020-07-15 23:19 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-02-15 20:34 - 2020-07-15 23:19 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Pliki w katalogu głównym wybranych folderów ======== 2023-03-05 00:51 - 2023-03-05 00:51 - 000208896 _____ () C:\Users\aandr\AppData\Roaming\emp.bin 2021-01-15 18:00 - 2021-01-15 18:00 - 000004659 _____ () C:\Users\aandr\AppData\Roaming\VoiceMeeterDefault.xml 2020-07-21 18:41 - 2020-07-21 18:41 - 000007598 _____ () C:\Users\aandr\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================