Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-08-2022
Uruchomiony przez kryss (administrator) LAPTOP-JCREBS7D (Acer Nitro AN517-51) (24-08-2022 17:05:53)
Uruchomiony z C:\Users\kryss\Downloads
Załadowane profile: kryss & ArchestrADataStore & AIMTokenHost & InTouchDataService & AsbServiceManager & aaPim & psmsConsoleSrv & aahClientAccessPoint & Watchdog_Service & aahSupervisor
Platform: Microsoft Windows 10 Home Wersja 21H2 19044.1889 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAgent.exe
(C:\Program Files (x86)\AVEVA\Platform Common Services\CoreServices\Asb.ServiceManager.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\Services\aaServiceHost32.exe <7>
(C:\Program Files (x86)\AVEVA\Platform Common Services\CoreServices\Asb.Watchdog.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\AVEVA\Platform Common Services\CoreServices\Asb.Configuration.exe
(C:\Program Files (x86)\AVEVA\Platform Common Services\CoreServices\Asb.Watchdog.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\AVEVA\Platform Common Services\CoreServices\Asb.Discovery.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.204.0.1\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.204.0.1\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe <3>
(C:\Program Files\Acer\NitroSense Service\PSSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe ->) (Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\ArchestrA\Framework\Bin\aaGR.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\AVEVA\Platform Common Services\CoreServices\Asb.ServiceManager.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\AVEVA\Platform Common Services\CoreServices\Asb.Watchdog.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\aahClientAccessPoint.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\aaLogger.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\DASAgent.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\Framework\Bin\aaBootstrap.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\Framework\Bin\aaPim.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\Licensing Framework\License Manager\LMWeb.App\bin\LMWeb.WindowsService.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\Licensing Framework\License Server\LicServer.WindowsService.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\Licensing Framework\License Server\SELicServer.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\Licensing Framework\Sam Service\LicServer.SamWindowsService.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\Services\InTouchDataService.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Common Files\ArchestrA\slssvc.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files (x86)\Wonderware\OI-Server\AutoBuild\Bin\AutoBuildService.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files\AVEVA\Platform Common Services\Data Store\SecureDataService.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC) C:\Program Files\Common Files\ArchestrA\Hosting\aahSupervisor.exe
(services.exe ->) (AVEVA Group plc -> AVEVA Software, LLC.) C:\Program Files (x86)\Sentinel System Monitor\Sentinel Manager\Console Service\psmsConsoleSrv.exe
(services.exe ->) (Dassault Systemes SolidWorks Corp. -> ) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
(services.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(services.exe ->) (Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7d6ad0397c5dc3fd\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7d6ad0397c5dc3fd\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_5d83605e8696144c\RstMwService.exe
(services.exe ->) (Invensys Systems, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Wonderware\DAServer\DASGESRTP\Bin\DASGESRTP.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(services.exe ->) (National Instruments Corporation -> National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacig.inf_amd64_50ffce48b1e8519d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OPC Foundation) [Brak podpisu cyfrowego] C:\Windows\SysWOW64\OpcEnum.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSysSvc64.exe
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxext.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.15427.20210.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(svchost.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-02-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [838432 2019-03-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe [1464728 2019-01-31] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [AlarmPublisher] => C:\Program Files (x86)\Wonderware\InsightPublisher\aahAlarmPublisher.exe [838616 2018-12-13] (AVEVA Group plc -> AVEVA Software, LLC)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA
HKU\S-1-5-21-2232023634-2434869777-3980321789-1001\...\Run: [MicrosoftEdgeAutoLaunch_C052951EABF17684F72D4921B02C44CA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2232023634-2434869777-3980321789-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\kryss\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-07-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-23] (Google LLC -> Google LLC)

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0B8D1561-63F7-4FE7-AE49-316405004605} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {19142846-A647-4605-AED1-ABC4D279CC13} - System32\Tasks\MATLAB R2021b Startup Accelerator => C:\Program Files\MATLAB\R2021b\bin\win64\MATLABStartupAccelerator.exe [50176 2021-05-15] () [Brak podpisu cyfrowego]
Task: {21C65C21-86C3-42DF-A159-1EA081FB943D} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4794672 2019-04-22] (Acer Incorporated -> )
Task: {227A9DB6-E45F-4EFA-86E4-9A1A47536446} - System32\Tasks\CareCenter\Discord_Reg_HKCURun_S-1-5-21-2232023634-2434869777-3980321789-1001 => C:\Users\kryss\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
Task: {25B64DFE-E07D-480E-BD06-8497CF76E06B} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {29691D01-3D08-4401-9C31-11417079D973} - System32\Tasks\CareCenter\NI Error Reporting.lnk_FolderCommonAppdata => C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe [663896 2013-06-07] (National Instruments Corporation -> National Instruments Corporation)
Task: {2C54A0E8-9F2D-4F21-965B-B07DB8C2EA21} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {3CEB2CFD-9E17-43E0-B28F-0D1A780075D5} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-09] (Microsoft Windows -> Microsoft Corporation)
Task: {457F697E-642A-4872-8970-B3DE2DFF03FE} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2771616 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {4CA02D8B-B95C-47DB-AF8E-10DEADB3615B} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41776 2019-04-22] (Acer Incorporated -> )
Task: {59E3F74A-70EE-41B3-9F36-EBCA8AE0910F} - System32\Tasks\CareCenter\Overwolf_Reg_HKCURun_S-1-5-21-2232023634-2434869777-3980321789-1001 => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-08-04] (Overwolf Ltd -> Overwolf Ltd.)
Task: {72F475B7-1FC1-4FB1-BC28-B64841FD299C} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [601904 2019-04-25] (Acer Incorporated -> Acer Incorporated)
Task: {82A39992-838C-42AA-8375-C0CC2D23E4A2} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-09] (Microsoft Windows -> Microsoft Corporation)
Task: {8C2D5DD5-6AA9-4C8C-AE66-B2356F80373D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {8C2EC71A-05ED-406A-A2A5-E31B91338B99} - System32\Tasks\CareCenter\SOLIDWORKS 2020 Fast Start.lnk_FolderCommonAppdata => C:\WINDOWS\Installer\{3F4681F3-B30B-4531-ADB2-3661B531F926}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe [335872 2020-10-29] (Flexera) [Brak podpisu cyfrowego]
Task: {8EDFEE2C-D2F8-4D06-917D-06A725E42A92} - System32\Tasks\CareCenter\CodeMeter Control Center.lnk_FolderCommonAppdata => C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [11236760 2020-04-23] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Task: {A07C322C-2F30-4161-BDD4-F0C023BBE7BD} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2935088 2019-04-22] (Acer Incorporated -> )
Task: {BE6CB0C6-A779-4EDE-8F27-4445DC84CB48} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268096 2018-12-18] (Acer Incorporated -> Acer Incorporated)
Task: {C0AE0EC3-A33B-407C-99AB-3A8A1E54EEE3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {C861F3F8-6D4E-43CB-BABA-A0C03BB15FC6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D2954263-D6CB-4834-B2BF-D93F75AB3BEA} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {E03407DD-4732-4C2B-BA5D-0FF2DC94CEA7} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {E50DE84D-94A6-4F82-BE86-3BE5E7B10D30} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211136 2018-12-18] (Acer Incorporated -> Acer Incorporated)
Task: {E7964E8B-BA5F-442D-8F80-31B735E76C26} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EDC44B40-54A9-4193-9217-D0F473A77FFE} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [17688 2019-11-16] (Acer Incorporated -> )
Task: {F4FDA48A-D43A-4D1D-8F81-2AE3ACEB0355} - System32\Tasks\AcerNetworkOptimizerStart => C:\Program Files (x86)\Acer\Acer Network Optimizer\AcerNetworkOptimizer.exe [1987584 2019-03-13] () [Brak podpisu cyfrowego]
Task: {F5BDC37E-6BFF-4C9C-B673-735BA8C09C8C} - System32\Tasks\CareCenter\XMouseButtonControl_Reg_HKLMRun => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1684216 2020-05-13] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
Task: {FA93452F-257E-40D3-84CE-1E1F9C2B6437} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\AcerNetworkOptimizerStart.job => C:\Program Files (x86)\Acer\Acer Network Optimizer\AcerNetworkOptimizer.exe
Task: C:\WINDOWS\Tasks\MATLAB R2021b Startup Accelerator.job => C:\Program Files\MATLAB\R2021b\bin\win64\MATLABStartupAccelerator.exe C:\Program Files\MATLAB\R2021bLAPTOP-JCREBS7D\kryss.Sta

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [44128 2020-08-11] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [44128 2020-08-11] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [48224 2020-08-11] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [48224 2020-08-11] (VMware, Inc. -> VMware, Inc.)
Tcpip\..\Interfaces\{0ed9168c-0457-4736-ac69-5a5eb946b64b}: [DhcpNameServer] 83.175.144.9 83.175.144.14
Tcpip\..\Interfaces\{42f9be65-d64c-451f-a0b8-b623ed6627f3}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge DefaultProfile: Default
Edge Profile: C:\Users\kryss\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-24]

FireFox:
========
FF DefaultProfile: ga66fvv7.default
FF ProfilePath: C:\Users\kryss\AppData\Roaming\Mozilla\Firefox\Profiles\ga66fvv7.default [2022-07-30]
FF Extension: (Amazon Assistant) - C:\Users\kryss\AppData\Roaming\Mozilla\Firefox\Profiles\ga66fvv7.default\Extensions\abb-acer@amazon.com.xpi [2021-04-10] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Polski Language Pack) - C:\Users\kryss\AppData\Roaming\Mozilla\Firefox\Profiles\ga66fvv7.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2022-01-20]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com.xpi [2019-05-14] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Polski Language Pack) - C:\Program Files\Mozilla Firefox\distribution\extensions\langpack-pl@firefox.mozilla.org.xpi [2019-05-14]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2021-08-19] [Przestarzałe]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\NPCOMP~1.DLL [2020-07-15] (DASSAULT SYSTEMES SE -> Dassault Systemes)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\x86\NPCOMP~1.DLL [2020-07-15] (DASSAULT SYSTEMES SE -> Dassault Systemes)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> \\devsilo1\builds\sw2020_sp04\sw\Release\x64\d200715.002.V37.final\composer\Bin\npcomposerplayerwebplugin.dll [Brak pliku]

Chrome:
=======
CHR Profile: C:\Users\kryss\AppData\Local\Google\Chrome\User Data\Default [2022-08-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\kryss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-24]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\kryss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 aaBootstrap; C:\Program Files (x86)\Common Files\ArchestrA\Framework\Bin\aaBootstrap.exe [1795560 2018-12-13] (AVEVA Group plc -> AVEVA Software, LLC)
R2 aaGR; C:\Program Files (x86)\ArchestrA\Framework\Bin\aaGR.exe [234472 2018-12-14] (AVEVA Group plc -> AVEVA Software, LLC)
R2 aahClientAccessPoint; C:\Program Files (x86)\Common Files\ArchestrA\aahClientAccessPoint.exe [2683864 2018-12-13] (AVEVA Group plc -> AVEVA Software, LLC)
R2 aahSupervisor; C:\Program Files\Common Files\ArchestrA\Hosting\aahSupervisor.exe [40920 2018-12-10] (AVEVA Group plc -> AVEVA Software, LLC)
R2 aaLogger; C:\Program Files (x86)\Common Files\ArchestrA\aaLogger.exe [340472 2018-11-19] (AVEVA Group plc -> AVEVA Software, LLC)
R2 aaPim; C:\Program Files (x86)\Common Files\ArchestrA\Framework\Bin\aaPim.exe [1105896 2018-12-13] (AVEVA Group plc -> AVEVA Software, LLC)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300336 2019-04-22] (Acer Incorporated -> Acer Incorporated)
S2 AIMTokenHost; C:\Program Files (x86)\AVEVA\Platform Common Services\Management Server\PCS.IdentityManager.Host.exe [124888 2018-12-03] (AVEVA Group plc -> AVEVA Software, LLC)
R2 ArchestrADataStore; C:\Program Files\AVEVA\Platform Common Services\Data Store\SecureDataService.exe [17368 2018-11-12] (AVEVA Group plc -> AVEVA Software, LLC)
S3 AsbCertificateRenewalService; C:\Program Files (x86)\AVEVA\Platform Common Services\CoreServices\Asb.CertificateRenewalService.exe [16856 2018-12-03] (AVEVA Group plc -> AVEVA Software, LLC)
R3 AsbServiceManager; C:\Program Files (x86)\AVEVA\Platform Common Services\CoreServices\Asb.ServiceManager.exe [23000 2018-12-03] (AVEVA Group plc -> AVEVA Software, LLC)
R2 AutoBuild_Service; C:\Program Files (x86)\Wonderware\OI-Server\AutoBuild\Bin\AutoBuildService.exe [59384 2018-12-11] (AVEVA Group plc -> AVEVA Software, LLC)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2021-03-11] (BattlEye Innovations e.K. -> )
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [11839392 2020-04-23] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R3 DASAgent; C:\Program Files (x86)\Common Files\ArchestrA\DASAgent.exe [167576 2018-11-28] (AVEVA Group plc -> AVEVA Software, LLC)
R2 DASGESRTP; C:\Program Files (x86)\Wonderware\DAServer\DASGESRTP\Bin\DASGESRTP.exe [59392 2012-06-14] (Invensys Systems, Inc.) [Brak podpisu cyfrowego]
R2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [181384 2020-07-15] (Dassault Systemes SolidWorks Corp. -> )
S3 GATEWAY; C:\Program Files (x86)\Wonderware\OI-Server\OI-Gateway\Bin\Gateway.exe [70272 2018-12-13] (AVEVA Group plc -> AVEVA Software, LLC)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [225368 2022-07-20] (HP Inc. -> HP Inc.)
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [924472 2020-07-15] (Intel(R) Software Development Products -> Intel Corporation)
R2 InTouchDataService; C:\Program Files (x86)\Common Files\ArchestrA\Services\InTouchDataService.exe [25240 2018-12-05] (AVEVA Group plc -> AVEVA Software, LLC)
S3 InTouchWeb; C:\Program Files (x86)\Wonderware\InTouchWeb\Server\InTouchWeb.Host.exe [37016 2018-12-14] (AVEVA Group plc -> AVEVA Software, LLC)
R2 License Server Agent Service; C:\Program Files (x86)\Common Files\ArchestrA\Licensing Framework\License Server\LicServer.WindowsService.exe [37368 2018-12-03] (AVEVA Group plc -> AVEVA Software, LLC)
R3 License Server Core Service; C:\Program Files (x86)\Common Files\ArchestrA\Licensing Framework\License Server\SELicServer.exe [285176 2018-12-03] (AVEVA Group plc -> AVEVA Software, LLC)
R2 License Server Sam Service; C:\Program Files (x86)\Common Files\ArchestrA\Licensing Framework\Sam Service\LicServer.SamWindowsService.exe [27128 2018-12-03] (AVEVA Group plc -> AVEVA Software, LLC)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments Corporation -> National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [53544 2013-06-12] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [63792 2013-06-12] (National Instruments Corporation -> National Instruments Corporation)
R2 LMWebService; C:\Program Files (x86)\Common Files\ArchestrA\Licensing Framework\License Manager\LMWeb.App\bin\LMWeb.WindowsService.exe [29176 2018-12-16] (AVEVA Group plc -> AVEVA Software, LLC)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8680192 2022-08-13] (Malwarebytes Inc. -> Malwarebytes)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372512 2018-09-07] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [199872 2016-06-18] (Microsoft Corporation -> Microsoft Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [380720 2013-06-12] (National Instruments Corporation -> National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [260976 2013-05-11] (National Instruments Corporation -> National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [90440 2013-06-07] (National Instruments Corporation -> National Instruments Corporation)
R2 OpcEnum; C:\WINDOWS\SysWOW64\OpcEnum.exe [98304 2006-12-20] (OPC Foundation) [Brak podpisu cyfrowego]
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
R2 psmsConsoleSrv; C:\Program Files (x86)\Sentinel System Monitor\Sentinel Manager\Console Service\psmsConsoleSrv.exe [54144 2018-12-12] (AVEVA Group plc -> AVEVA Software, LLC.)
R3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [820016 2019-04-25] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R2 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [251424 2020-07-15] (Mentor Graphics Corporation -> Mentor Graphics Corporation)
S3 SIM; C:\Program Files (x86)\ArchestrA\OIServerRuntimeComponents\SIM.exe [70272 2018-12-11] (AVEVA Group plc -> AVEVA Software, LLC)
S3 simHostSrv; C:\Program Files (x86)\Sentinel System Monitor\Sentinel AIM\simHostSrv.exe [34688 2018-12-12] (AVEVA Group plc -> AVEVA Software, LLC.)
R2 slssvc; C:\Program Files (x86)\Common Files\ArchestrA\slssvc.exe [110232 2018-12-04] (AVEVA Group plc -> AVEVA Software, LLC)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2020-10-29] (SolidWorks) [Brak podpisu cyfrowego]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613152 2018-09-07] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [454848 2016-06-18] (Microsoft Corporation -> Microsoft Corporation)
R2 SWVisualize2020.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [30208 2020-07-15] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2018-12-18] (Acer Incorporated -> Acer Incorporated)
R2 Watchdog_Service; C:\Program Files (x86)\AVEVA\Platform Common Services\CoreServices\Asb.Watchdog.exe [18392 2018-12-03] (AVEVA Group plc -> AVEVA Software, LLC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\NisSrv.exe [3125128 2022-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MsMpEng.exe [133560 2022-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WWNetDDE; C:\Program Files (x86)\Common Files\ArchestrA\wwnetdde.exe [86848 2018-10-23] (AVEVA Group plc -> AVEVA Software, PLC.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_50ffce48b1e8519d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_50ffce48b1e8519d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [192960 2022-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [74704 2022-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-08-24] (Malwarebytes Inc. -> Malwarebytes) S4 RsFx0321; C:\WINDOWS\System32\DRIVERS\RsFx0321.sys [258720 2018-07-25] (Microsoft Corporation -> Microsoft Corporation) R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-03] (Realtek Semiconductor Corp. -> Realtek) R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2021-03-25] (VMware, Inc. -> VMware, Inc.) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.) 
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [453904 2022-08-11] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94456 2022-08-11] (Microsoft Windows -> Microsoft Corporation) S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [38192 2020-11-23] (WireGuard LLC -> WireGuard LLC) S3 MpKsla6f6ff77; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1D17A601-2FD5-4D18-805F-3719BDE168E5}\MpKslDrv.sys [X] U4 npcap_wifi; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 
2022-08-24 17:05 - 2022-08-24 17:06 - 000038629 _____ C:\Users\kryss\Downloads\FRST.txt 2022-08-24 17:03 - 2022-08-24 17:06 - 000000000 ____D C:\FRST 2022-08-24 17:02 - 2022-08-24 17:02 - 002371072 _____ (Farbar) C:\Users\kryss\Downloads\FRST64.exe 2022-08-24 17:02 - 2022-08-24 17:02 - 002371072 _____ (Farbar) C:\Users\kryss\Downloads\FRST64 (1).exe 2022-08-24 16:55 - 2022-08-24 16:55 - 002044196 _____ C:\WINDOWS\Minidump\082422-9812-01.dmp 2022-08-24 14:16 - 2022-08-24 14:16 - 002413692 _____ C:\WINDOWS\Minidump\082422-8671-01.dmp 2022-08-24 14:16 - 2022-08-24 14:16 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-08-24 14:16 - 2022-08-24 14:16 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2022-08-24 14:16 - 2022-08-24 14:16 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2022-08-24 14:16 - 2022-08-24 14:16 - 000074704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2022-08-24 13:19 - 2022-08-24 16:55 - 000000004 ____H C:\ProgramData\cm-lock 2022-08-22 20:30 - 2022-08-22 20:30 - 000425091 _____ C:\Users\kryss\Downloads\zawiadomienie-o-popelnieniu-wykroczenia-skarbowego.pdf 2022-08-22 20:30 - 2022-08-22 20:30 - 000108825 _____ C:\Users\kryss\Downloads\zawiadomienie-o-popelnieniu-wykroczenia-skarbowego.gofin 2022-08-22 16:00 - 2022-08-22 19:13 - 000000000 ____D C:\Users\kryss\Desktop\alfa 2022-08-21 09:44 - 2022-08-21 09:44 - 000383395 _____ C:\Users\kryss\Downloads\opłaty (1).pdf 2022-08-21 09:44 - 2022-08-21 09:44 - 000270264 _____ C:\Users\kryss\Downloads\506465120822.pdf 2022-08-21 09:43 - 2022-08-21 09:43 - 000383395 _____ C:\Users\kryss\Downloads\opłaty.pdf 2022-08-16 21:45 - 2022-08-16 21:45 - 000000000 ____D C:\Users\kryss\Downloads\drive-download-20210714T194325Z-001 2022-08-14 09:30 - 2022-08-14 09:30 - 000077576 _____ C:\Users\kryss\Downloads\WeryfikacjaOC (1).pdf 2022-08-13 12:20 - 2022-08-13 12:20 - 000001491 _____ C:\Users\kryss\Desktop\Riot Client.lnk 
2022-08-13 01:27 - 2022-08-24 16:55 - 000000000 ____D C:\Users\kryss\AppData\LocalLow\IGDump 2022-08-13 00:35 - 2022-08-13 00:35 - 000000000 ____D C:\Users\kryss\AppData\Local\mbam 2022-08-13 00:34 - 2022-08-13 00:34 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-08-13 00:34 - 2022-08-13 00:34 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-08-13 00:34 - 2022-08-13 00:34 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-08-13 00:34 - 2022-08-13 00:34 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-08-13 00:34 - 2022-08-13 00:34 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-08-13 00:33 - 2022-08-13 00:33 - 002556344 _____ (Malwarebytes) C:\Users\kryss\Downloads\MBSetup (2).exe 2022-08-13 00:33 - 2022-08-13 00:33 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-08-13 00:33 - 2022-08-13 00:33 - 000000000 ____D C:\Program Files\Malwarebytes 2022-08-13 00:32 - 2022-08-13 00:32 - 002556344 _____ (Malwarebytes) C:\Users\kryss\Downloads\MBSetup.exe 2022-08-13 00:32 - 2022-08-13 00:32 - 002556344 _____ (Malwarebytes) C:\Users\kryss\Downloads\MBSetup (1).exe 2022-08-13 00:30 - 2022-08-13 00:30 - 001695276 _____ C:\WINDOWS\Minidump\081322-8125-01.dmp 2022-08-13 00:29 - 2022-08-13 00:29 - 002271564 _____ C:\WINDOWS\Minidump\081322-7968-01.dmp 2022-08-12 08:32 - 2022-08-12 08:32 - 002068908 _____ C:\WINDOWS\Minidump\081222-10171-01.dmp 2022-08-09 22:43 - 2022-08-09 22:43 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2022-08-09 22:43 - 2022-08-09 22:43 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2022-08-09 22:43 - 2022-08-09 22:43 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-08-09 22:43 - 2022-08-09 22:43 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-08-09 22:43 - 2022-08-09 22:43 - 000011803 _____ 
C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-08-09 22:42 - 2022-08-09 22:42 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-08-09 22:42 - 2022-08-09 22:42 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2022-08-09 22:42 - 2022-08-09 22:42 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2022-08-09 22:38 - 2022-08-09 22:38 - 000000000 ___HD C:\$WinREAgent 2022-08-09 21:39 - 2022-08-09 21:39 - 000000000 ____D C:\Users\kryss\AppData\Roaming\Neos Eureka S.r.l 2022-08-04 23:28 - 2022-08-05 11:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation 2022-08-04 09:04 - 2022-08-04 09:04 - 000072659 _____ C:\Users\kryss\Downloads\268502_202208_FB_26924_20220801173521.pdf 2022-08-04 09:03 - 2022-08-04 09:03 - 000053815 _____ C:\Users\kryss\Downloads\Informacja o rozdysponowaniu.PDF 2022-08-03 15:00 - 2022-08-03 15:00 - 001036087 _____ C:\Users\kryss\Downloads\96013-7256-000000974.pdf 2022-08-03 14:56 - 2022-08-09 22:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\CareCenter 2022-08-03 11:04 - 2022-08-03 11:04 - 001389197 _____ C:\Users\kryss\Downloads\oferta-hoteli-Turcja.pdf 2022-07-31 11:43 - 2022-07-31 11:43 - 000791824 _____ C:\Users\kryss\Downloads\Oferta-BP-ITAKA-Salon-Firmowy-Galeria-Biała.pdf 2022-07-28 19:13 - 2022-07-28 19:13 - 000801128 _____ C:\Users\kryss\Downloads\Certyfikat.pdf 2022-07-25 22:48 - 2022-07-25 22:48 - 000031749 _____ C:\Users\kryss\Downloads\mail_24_07_2022_10_39_57.pdf 2022-07-25 14:10 - 2022-07-25 14:12 - 000007142 _____ C:\Users\kryss\Downloads\OCCT.config.json 2022-07-25 14:09 - 2022-07-25 14:09 - 086434480 _____ (OCCT - Ocbase - Adrien Mercier) C:\Users\kryss\Downloads\OCCT.exe ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 
2022-08-24 17:02 - 2021-03-23 22:49 - 002155032 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-08-24 17:02 - 2019-12-07 17:08 - 000820718 _____ C:\WINDOWS\system32\perfh015.dat 2022-08-24 17:02 - 2019-12-07 17:08 - 000164096 _____ C:\WINDOWS\system32\perfc015.dat 2022-08-24 17:02 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-08-24 16:59 - 2021-09-03 17:45 - 000002325 _____ C:\Users\kryss\Desktop\Porofessor.gg.lnk 2022-08-24 16:59 - 2021-09-03 17:43 - 000000000 ____D C:\Users\kryss\AppData\Local\Overwolf 2022-08-24 16:59 - 2020-12-28 18:12 - 000000000 ____D C:\Users\kryss\AppData\Local\Discord 2022-08-24 16:59 - 2020-06-19 01:29 - 000000000 ____D C:\Users\kryss\AppData\Roaming\discord 2022-08-24 16:57 - 2020-05-25 16:45 - 000000000 ____D C:\Program Files (x86)\Google 2022-08-24 16:56 - 2021-05-14 21:44 - 000000000 ____D C:\WINDOWS\Minidump 2022-08-24 16:56 - 2020-10-29 21:09 - 000000000 ____D C:\ProgramData\FNEServer 2022-08-24 16:56 - 2020-05-21 13:20 - 000000000 ___RD C:\Users\kryss\OneDrive 2022-08-24 16:55 - 2021-05-14 21:44 - 1763582975 _____ C:\WINDOWS\MEMORY.DMP 2022-08-24 16:55 - 2021-04-21 09:57 - 000000000 ____D C:\ProgramData\VMware 2022-08-24 16:55 - 2021-03-23 22:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-08-24 16:55 - 2021-03-23 22:45 - 000008192 ___SH C:\DumpStack.log.tmp 2022-08-24 16:55 - 2020-05-21 13:18 - 000000000 __SHD C:\Users\kryss\IntelGraphicsProfiles 2022-08-24 16:55 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-08-24 16:55 - 2019-08-03 06:27 - 000000000 ____D C:\ProgramData\NVIDIA 2022-08-24 16:17 - 2021-08-24 11:37 - 000000000 ____D C:\ProgramData\Riot Games 2022-08-24 16:14 - 2021-03-23 22:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-08-24 14:16 - 2021-03-23 22:46 - 000000000 ____D C:\Users\kryss 2022-08-24 13:19 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-08-23 22:24 - 2020-05-25 16:46 - 000002311 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-08-23 22:24 - 2020-05-25 16:46 - 000002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-08-23 22:21 - 2020-06-15 13:31 - 000000000 ____D C:\Users\kryss\AppData\Local\CrashDumps 2022-08-23 09:56 - 2021-12-11 16:59 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2232023634-2434869777-3980321789-1001 2022-08-23 09:56 - 2021-03-23 22:56 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2232023634-2434869777-3980321789-1001 2022-08-23 09:56 - 2021-03-23 22:46 - 000002431 _____ C:\Users\kryss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-08-22 08:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-08-20 18:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-08-20 17:32 - 2020-07-15 02:03 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-08-20 17:32 - 2020-07-15 02:03 - 000002290 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-08-17 09:43 - 2021-03-23 22:56 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-08-17 09:43 - 2021-03-23 22:56 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-08-16 20:04 - 2021-09-03 17:44 - 000000000 ____D C:\Program Files (x86)\Overwolf 2022-08-13 12:20 - 2021-08-24 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2022-08-13 00:41 - 2021-09-13 11:21 - 000000000 ____D C:\Program Files (x86)\Outbyte 2022-08-13 00:34 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-08-12 20:32 - 2021-03-23 22:45 - 001396024 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-08-12 11:31 - 2020-06-19 09:20 - 000000000 ____D C:\Program Files (x86)\Steam 2022-08-12 11:30 - 2020-06-19 09:24 - 000000000 ____D C:\Users\kryss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2022-08-12 11:28 - 
2020-05-21 13:18 - 000000000 ____D C:\Users\kryss\AppData\Local\Packages 2022-08-11 02:04 - 2020-09-13 03:31 - 000000000 ____D C:\Users\kryss\AppData\Local\D3DSCache 2022-08-11 00:08 - 2019-08-03 06:04 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-08-11 00:08 - 2019-08-03 06:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-08-10 22:13 - 2020-06-19 01:29 - 000002235 _____ C:\Users\kryss\Desktop\Discord.lnk 2022-08-10 21:29 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-08-09 23:57 - 2019-12-07 17:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-08-09 23:57 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-08-09 23:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-08-09 23:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-08-09 23:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-08-09 23:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-08-09 23:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-08-09 23:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-08-09 23:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-08-09 23:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-08-09 23:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-08-09 22:42 - 2021-03-23 22:47 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-08-09 22:36 - 2020-05-22 14:17 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-08-09 22:34 - 2020-05-22 14:16 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-08-09 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-08-09 22:28 - 2022-03-22 22:14 - 000000000 ____D C:\Users\kryss\AppData\Local\ElevatedDiagnostics 2022-08-05 11:44 - 2019-08-03 06:52 - 000000000 ____D C:\ProgramData\Norton 2022-08-05 
11:42 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-08-05 11:39 - 2019-08-03 06:52 - 000000000 ____D C:\ProgramData\NortonInstaller 2022-08-01 23:09 - 2021-05-24 14:01 - 000000000 ____D C:\Users\kryss\Desktop\AUTO-BOGUCKI 2022-07-30 11:21 - 2020-05-22 13:39 - 000000000 ____D C:\Users\kryss\AppData\LocalLow\Mozilla 2022-07-30 11:20 - 2019-08-03 06:51 - 000000000 ____D C:\ProgramData\Mozilla 2022-07-30 11:19 - 2021-08-19 08:35 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-07-25 14:51 - 2020-08-10 18:42 - 000000000 ____D C:\Users\kryss\Desktop\KAMERY ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-10-29 21:12 - 2020-10-29 21:12 - 000000346 _____ () C:\Program Files (x86)\Common Files\AppserverPluginLog.Log 2020-10-29 21:10 - 2020-10-29 21:10 - 000000065 _____ () C:\Program Files (x86)\Common Files\ConfigureSQLLog.Log 2002-03-12 11:44 - 2002-03-12 11:44 - 000000090 _____ () C:\Program Files (x86)\Common Files\InstalledProducts.xml 2002-03-12 11:44 - 2002-03-12 11:44 - 000000817 _____ () C:\Program Files (x86)\Common Files\InstalledProducts.xsl 2020-10-29 21:10 - 2020-10-29 21:10 - 000001311 _____ () C:\Program Files (x86)\Common Files\SentinelSQLLog.Log 2021-03-23 09:29 - 2021-03-23 09:29 - 000000330 _____ () C:\Users\kryss\AppData\Roaming\albion-online-stats.cfg 2021-03-23 09:29 - 2021-03-24 13:20 - 000000000 _____ () C:\Users\kryss\AppData\Roaming\Albion_Online_Stats.launch.pyw.log 2020-12-16 09:31 - 2020-12-16 09:31 - 000000118 _____ () C:\Users\kryss\AppData\Roaming\debug.log 2021-03-22 11:52 - 2021-03-22 11:52 - 000000016 _____ () C:\Users\kryss\AppData\Roaming\obs-virtualcam.txt 2022-06-30 19:46 - 2022-06-30 19:46 - 000000017 _____ () C:\Users\kryss\AppData\Local\resmon.resmoncfg 2022-06-11 19:17 - 2022-06-11 22:28 - 000000000 _____ () C:\Users\kryss\AppData\Local\Temptable.xml ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły 
weryfikacji.) ==================== Koniec FRST.txt ========================