Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 26-11-2021 Uruchomiony przez Nojasy (administrator) NOJASY-ASUS (ASUSTeK COMPUTER INC. X556UQK) (01-12-2021 00:57:44) Uruchomiony z C:\Users\Nojasy\Desktop\FRST Załadowane profile: Nojasy Platform: Microsoft Windows 10 Home Wersja 21H2 19044.1348 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ASUS) [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Brother Industries, Ltd. -> ) C:\Program Files (x86)\Brother\BRPrintAuditor\BRAgtSrv.exe (Brother Industries, Ltd. -> brother Industries Ltd) C:\Program Files (x86)\Brother\BRPrintAuditor\brausc3a.exe (Brother Industries, Ltd. -> brother Industries Ltd) C:\Program Files (x86)\Brother\BRPrintAuditor\brsvau3a.exe (FarStone Technology -> ) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe (Farstone Technology Inc -> ) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe (LG Electronics Inc. -> ) C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe (LG Electronics Inc. -> LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe (LG Electronics Inc. -> LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe (LG Electronics Inc. -> LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\Nojasy\AppData\Roaming\.dllbackups\dllruntime.exe (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Users\Nojasy\AppData\Local\Temp\1y6QaG1dVqmqkzRvawVNVxn3bhE\dllservices.exe <4> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_0563af65101748e9\Display.NvContainer\NVDisplay.Container.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [657704 2019-05-14] (Autodesk, Inc. -> Autodesk, Inc.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre1.6.0\bin\jusched.exe [77824 2021-02-07] (Sun Microsystems, Inc.) [Brak podpisu cyfrowego] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-2721533137-1662502331-562609926-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32281272 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2721533137-1662502331-562609926-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.) HKU\S-1-5-21-2721533137-1662502331-562609926-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [2367352 2021-11-30] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2721533137-1662502331-562609926-1001\...\Run: [electron.app.dllservices] => C:\Users\Nojasy\AppData\Roaming\.dllbackups\dllruntime.exe [63924368 2021-11-28] (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] HKU\S-1-5-21-2721533137-1662502331-562609926-1001\...\Policies\Explorer: [] HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> ) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0400466A-250D-43D4-91C7-427FC4DD9841} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {057C83B2-E6F0-417A-8D70-BDC9A6072A85} - System32\Tasks\e-pity2020_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [37168 2021-04-13] (e-file sp. z o.o. sp. k. -> e-file sp. z o.o. sp. k.) Task: {284FFD69-C206-4A78-856A-B8BA594E2FBD} - System32\Tasks\Office 2019 Statique Activation Planificateur => F:\Office [Argument = 2019\Office.2019.ProPlusPL.x86.x64\ActO19.cmd -renewalonly] Task: {4320D6FE-3710-492A-A9FC-7C038375A712} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26781880 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {4C30A9A7-1342-4D8C-9E6E-022F4F90BE0F} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) Task: {4E1AD51E-0228-476D-9FD7-062CAC6325E8} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1429248 2016-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {520E3949-BDE2-407A-98D6-6D2372DE1960} - System32\Tasks\e-pity2020_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [37168 2021-04-13] (e-file sp. z o.o. sp. k. -> e-file sp. z o.o. sp. k.) Task: {56C5CE19-ED20-4D18-BD42-F4575ABDF208} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {675E6CB4-96C8-4005-9BF9-22AB549285B9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {691A819F-878B-43D8-B231-F5471BB11835} - System32\Tasks\SmartShare => C:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe [513216 2017-12-12] (LG Electronics Inc. -> LG Electronics Inc.) Task: {8356F34D-B2B2-462A-A5AC-CB101BE4C447} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55808 2016-10-12] (ASUS) [Brak podpisu cyfrowego] Task: {87E5EE98-7464-40D2-BE87-9593A75379BD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339464 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {88EA945D-EABC-45B1-A2B1-328CD1BA47CB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-14] (Adobe Inc. -> Adobe) Task: {8AED36C3-FD9A-42C7-9791-16EF0C64A0A5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {8F200761-338E-4984-8C17-42252DA000B5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {90A34BD6-886B-4669-8CE5-03D201B92D47} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3060072 2021-11-30] (Microsoft Corporation -> Microsoft Corporation) Task: {A07BBCED-43C3-475F-B2B5-E7287FCEA64A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-14] (Adobe Inc. -> Adobe) Task: {A449244D-6A26-41DE-AFEE-CCDE63218D2D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {A73E7225-46B2-457D-8639-A6BDAF04A7D9} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {AF8D1585-A5C2-4F44-8D6C-41CCCE2F5D7B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-30] (Mozilla Corporation -> Mozilla Foundation) Task: {B7DDFB79-616E-4B1D-BF73-74101F9504FC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {BEF3CF1B-107C-4770-B35A-BDD2A257E9BC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {C05FBC63-7D6C-4982-8B9E-937F2CD329D0} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {C33C56F4-2CB2-40C7-8237-6CE8288D9A1F} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-04-11] (ASUSTeK Computer Inc. -> AsusTek) Task: {C367407D-5578-4B44-8D84-499251E6AEB4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19786024 2016-02-23] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) Task: {C50809E2-3D66-40EA-84D9-B7BEF28F9FBB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {D450C219-79A2-4571-8007-A13B5E2DF9E7} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1616160 2016-01-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Brak podpisu cyfrowego] Task: {DF16EEB3-17F6-4676-B3B7-894EE725AD5E} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {EA945FE1-18F1-4E42-8700-2B6E8E094DC5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {F65E2919-3E9F-4451-8054-3B2D0D3D0861} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.50.1 Tcpip\..\Interfaces\{7379dd49-a2c5-4899-a995-9217fbbd445f}: [DhcpNameServer] 192.168.50.1 Tcpip\..\Interfaces\{b04915c8-2f1e-484f-856c-1708f031a4be}: [NameServer] 89.108.202.20 185.89.185.1 Tcpip\..\Interfaces\{dcb516ad-c753-4ae9-a4f8-8a732c9ecffc}: [DhcpNameServer] 192.168.50.1 Tcpip\..\Interfaces\{ddcfc87d-0e67-42c1-bf4f-2e143018e3a7}: [NameServer] 89.108.202.20 185.89.185.1 Tcpip\..\Interfaces\{f1352a8f-5b45-45be-8630-b169e20878b6}: [NameServer] 89.108.202.20 185.89.185.1 Edge: ======= Edge HomeButtonPage: HKU\S-1-5-21-2721533137-1662502331-562609926-1001 -> hxxp://www.nav-pl.com/ Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge Profile: C:\Users\Nojasy\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-30] Edge HomePage: Default -> hxxp://www.nav-pl.com/ Edge StartupUrls: Default -> "hxxp://www.nav-pl.com/" Edge DefaultSearchURL: Default -> hxxp://www.nav-pl.com/search?q={searchTerms} Edge DefaultSearchKeyword: Default -> nav-pl.com FireFox: ======== FF DefaultProfile: ylf1hfm3.default FF ProfilePath: C:\Users\Nojasy\AppData\Roaming\Mozilla\Firefox\Profiles\ylf1hfm3.default [2021-12-01] FF Homepage: Mozilla\Firefox\Profiles\ylf1hfm3.default -> hxxps://www.google.com/ FF Notifications: Mozilla\Firefox\Profiles\ylf1hfm3.default -> hxxps://player.pl; hxxps://beactivetv.pl; hxxps://wam.warta.pl FF Extension: (Chrome Remote Desktop) - C:\Users\Nojasy\AppData\Roaming\Mozilla\Firefox\Profiles\ylf1hfm3.default\Extensions\remotedesktop@google.com.xpi [2020-05-03] [UpdateUrl:hxxps://www.gstatic.com/chromoting/firefox_extension/update.json] FF Extension: (Social Video Downloader) - C:\Users\Nojasy\AppData\Roaming\Mozilla\Firefox\Profiles\ylf1hfm3.default\Extensions\{00e68183-fc7d-4a91-b5cc-f7f8272386db}.xpi [2020-09-03] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi => nie znaleziono FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-14] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-14] (Adobe Inc. -> ) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Brak pliku] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Brak pliku] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] Opera: ======= OPR Profile: C:\Users\Nojasy\AppData\Roaming\Opera Software\Opera Stable [2021-06-22] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Nojasy\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-22] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) "ESProtectionDriver" => serwis nie został odblokowany. <==== UWAGA HKLM\SYSTEM\ControlSet001\Services\ESProtectionDriver => C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) <==== UWAGA (Rootkit!/Zablokowana usługa) "MBAMChameleon" => serwis nie został odblokowany. <==== UWAGA HKLM\SYSTEM\ControlSet001\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== UWAGA (Rootkit!/Zablokowana usługa) "MBAMWebProtection" => serwis nie został odblokowany. <==== UWAGA HKLM\SYSTEM\ControlSet001\Services\MBAMWebProtection => \SystemRoot\system32\DRIVERS\mwac.sys <==== UWAGA (Rootkit!/Zablokowana usługa) S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1233272 2019-05-14] (Autodesk, Inc. -> Autodesk Inc.) S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) S4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-14] (Adobe Inc. -> Adobe) R2 BrAuSvc; C:\Program Files (x86)\Brother\BRPrintAuditor\Brsvau3a.exe [71712 2018-05-01] (Brother Industries, Ltd. -> brother Industries Ltd) R2 BRPA_Agent; C:\Program Files (x86)\Brother\BRPrintAuditor\BRAgtSrv.exe [161312 2018-05-01] (Brother Industries, Ltd. -> ) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] S4 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144784 2018-04-18] (Canon Inc. -> CANON INC.) S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> ) R2 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-13] (FarStone Technology -> ) S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\FileSyncHelper.exe [2448232 2021-11-30] (Microsoft Corporation -> Microsoft Corporation) S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> ) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Brak podpisu cyfrowego] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Brak podpisu cyfrowego] S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-11-30] (Malwarebytes Inc -> Malwarebytes) S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\OneDriveUpdaterService.exe [2836840 2021-11-30] (Microsoft Corporation -> Microsoft Corporation) R2 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] (Farstone Technology Inc -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_0563af65101748e9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_0563af65101748e9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [22656 2016-02-23] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) S3 ALSysIO; C:\Users\Nojasy\AppData\Local\Temp\ALSysIO64.sys [47240 2021-12-01] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== UWAGA S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS) R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [143336 2017-04-11] (ASUSTeK Computer Inc. -> ASUS Corporation) R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) S3 BEHRINGER_2902; C:\WINDOWS\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (Ploytec GmbH -> BEHRINGER) S3 BUSB_AUDIO_WDM; C:\WINDOWS\system32\drivers\busbwdm.sys [49728 2009-10-30] (Ploytec GmbH -> BEHRINGER) S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] (FarStone Technology -> ) [Brak podpisu cyfrowego] S3 FcSerial; C:\WINDOWS\System32\drivers\FcSerial.sys [221568 2013-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Flash Card.) S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [19968 2014-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Mobile Communications) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-30] (Malwarebytes Inc -> Malwarebytes) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) S3 shspusb; C:\WINDOWS\System32\drivers\HSPUSB.sys [24064 2014-12-03] (Microsoft Windows Hardware Compatibility Publisher -> MobileTop) S3 sscdserd; C:\WINDOWS\System32\drivers\sscdserd.sys [158024 2014-12-03] (MCCI Corporation -> MCCI Corporation) S3 ssceserd; C:\WINDOWS\System32\drivers\ssceserd.sys [158024 2014-12-03] (MCCI Corporation -> MCCI Corporation) S3 ssdudfu; C:\WINDOWS\System32\drivers\ssdudfu.sys [101960 2014-12-03] (MCCI Corporation -> MCCI) S3 ssm_bus; C:\WINDOWS\System32\drivers\ssm_bus.sys [136192 2014-12-03] (MCCI Corporation -> MCCI Corporation) S3 ssm_mdm; C:\WINDOWS\System32\drivers\ssm_mdm.sys [172032 2014-12-03] (MCCI Corporation -> MCCI Corporation) S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [48920 2014-12-03] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated) S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ss_bserd; C:\WINDOWS\System32\drivers\ss_bserd.sys [128000 2014-12-03] (MCCI Corporation -> MCCI Corporation) S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26392 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-04] (Microsoft Windows -> Microsoft Corporation) S3 ewusbmbb; \SystemRoot\System32\drivers\ewusbwwan.sys [X] S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X] S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-11-30 23:48 - 2021-12-01 00:37 - 000001995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-11-30 23:48 - 2021-12-01 00:37 - 000001983 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-11-30 23:48 - 2021-11-30 23:48 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-11-30 23:48 - 2021-11-30 23:48 - 000000000 ____D C:\Users\Nojasy\AppData\Local\mbam 2021-11-30 23:48 - 2021-11-30 23:47 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-11-30 23:48 - 2021-11-30 23:47 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-11-30 23:47 - 2021-12-01 00:36 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-11-30 23:47 - 2021-12-01 00:36 - 000000000 ____D C:\Program Files\Malwarebytes 2021-11-30 23:45 - 2021-11-30 23:47 - 000000000 ____D C:\AdwCleaner 2021-11-30 23:45 - 2021-11-30 23:45 - 008540344 _____ (Malwarebytes) C:\Users\Nojasy\Desktop\AdwCleaner.exe 2021-11-30 23:45 - 2021-11-30 23:45 - 002101944 _____ (Malwarebytes) C:\Users\Nojasy\Desktop\MBSetup-10789.10789-consumer.exe 2021-11-30 22:31 - 2021-12-01 00:57 - 000000000 ____D C:\Users\Nojasy\Desktop\FRST 2021-11-30 21:48 - 2021-11-30 21:48 - 000000000 ___HD C:\avast! sandbox 2021-11-30 21:47 - 2021-11-30 21:47 - 000000000 ___HD C:\$AV_ASW 2021-11-30 21:46 - 2021-12-01 00:58 - 000000000 ____D C:\FRST 2021-11-30 20:55 - 2021-11-30 20:55 - 000001381 _____ C:\Users\Nojasy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2021-11-30 20:55 - 2021-11-30 20:55 - 000001275 _____ C:\Users\Nojasy\Desktop\ESET Online Scanner.lnk 2021-11-30 20:55 - 2021-11-30 20:55 - 000000000 ____D C:\Users\Nojasy\AppData\Local\ESET 2021-11-30 19:07 - 2021-11-30 19:07 - 000000000 ____D C:\Users\Nojasy\AppData\Roaming\Ookla 2021-11-30 09:58 - 2021-11-30 09:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-11-28 21:30 - 2021-11-30 21:42 - 000000000 ____D C:\Users\Nojasy\Valley 2021-11-28 21:30 - 2021-11-28 21:36 - 001065984 _____ C:\Users\Nojasy\AppData\Local\file__0.localstorage 2021-11-28 21:17 - 2021-11-30 23:55 - 000000000 ____D C:\Users\Nojasy\AppData\Roaming\ReviverSoft 2021-11-28 20:47 - 2021-11-28 20:47 - 000000000 ____D C:\Users\Nojasy\AppData\Roaming\SpeedTestPL 2021-11-28 20:45 - 2021-11-28 20:45 - 000001098 _____ C:\Users\Public\Desktop\SpeedTest.pl.lnk 2021-11-28 20:45 - 2021-11-28 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedTest.pl 2021-11-28 20:45 - 2021-11-28 20:45 - 000000000 ____D C:\Program Files (x86)\Speed_Test_PL 2021-11-28 20:28 - 2021-11-28 20:43 - 000000000 ____D C:\Users\Nojasy\AppData\Local\MetaGeek 2021-11-28 20:28 - 2021-11-28 20:28 - 000002198 _____ C:\Users\Nojasy\Desktop\inSSIDer.lnk 2021-11-28 20:28 - 2021-11-28 20:28 - 000000000 ____D C:\Users\Nojasy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek 2021-11-28 20:28 - 2021-11-28 20:28 - 000000000 ____D C:\Users\Nojasy\AppData\Local\SquirrelTemp 2021-11-28 20:28 - 2021-11-28 20:28 - 000000000 ____D C:\Users\Nojasy\AppData\Local\inSSIDer 2021-11-28 20:18 - 2021-11-28 20:18 - 000001171 _____ C:\Users\Public\Desktop\LibreOffice 7.2.lnk 2021-11-28 20:18 - 2021-11-28 20:18 - 000000000 ____D C:\Users\Nojasy\AppData\Roaming\LibreOffice 2021-11-28 20:18 - 2021-11-28 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2 2021-11-28 20:17 - 2021-11-28 20:17 - 000000000 ____D C:\Program Files\LibreOffice 2021-11-28 19:34 - 2021-11-28 19:34 - 000000000 ___HD C:\$WinREAgent 2021-11-28 19:07 - 2021-12-01 00:49 - 000000000 ____D C:\Users\Nojasy\AppData\Roaming\dll-propagation 2021-11-28 18:52 - 2021-12-01 00:52 - 000000000 ____D C:\Users\Nojasy\AppData\Roaming\dllservices 2021-11-28 18:52 - 2021-11-30 21:26 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2021-11-28 18:52 - 2021-11-30 10:06 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2021-11-28 18:52 - 2021-11-30 10:06 - 000002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-11-28 18:52 - 2021-11-28 19:13 - 000000000 ___HD C:\Users\Nojasy\AppData\Roaming\.dllbackups 2021-11-28 18:52 - 2021-11-28 18:52 - 000000000 ___RD C:\Users\Default\OneDrive 2021-11-28 18:29 - 2021-11-28 18:31 - 000000000 ____D C:\Users\Nojasy\Desktop\ZDROWE badania 2021-11-28 16:16 - 2021-11-28 20:18 - 000000000 ____D C:\Users\Nojasy\AppData\Roaming\.minecraft 2021-11-28 16:16 - 2021-11-28 16:20 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher 2021-11-28 16:16 - 2021-11-28 16:16 - 000001105 _____ C:\Users\Public\Desktop\Minecraft Launcher.lnk 2021-11-28 16:16 - 2021-11-28 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher 2021-11-28 16:15 - 2021-11-28 16:15 - 002666496 _____ C:\Users\Nojasy\Downloads\MinecraftInstaller.msi 2021-11-26 23:39 - 2021-11-26 23:39 - 000000991 _____ C:\Users\Nojasy\Desktop\Core Temp.lnk 2021-11-26 23:39 - 2021-11-26 23:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp 2021-11-26 23:39 - 2021-11-26 23:39 - 000000000 ____D C:\Program Files\Core Temp 2021-11-21 17:42 - 2021-11-21 17:42 - 198629005 _____ C:\Users\Nojasy\Desktop\Elfi 2021 mikołaj film Neli.mp4 2021-11-16 22:44 - 2021-11-11 03:33 - 000656512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2021-11-16 22:44 - 2021-11-11 03:32 - 005730224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2021-11-16 22:43 - 2021-11-11 03:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-11-16 22:43 - 2021-11-11 03:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-11-16 22:43 - 2021-11-11 03:36 - 001464960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-11-16 22:43 - 2021-11-11 03:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-11-16 22:43 - 2021-11-11 03:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-11-16 22:43 - 2021-11-11 03:36 - 001208248 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-11-16 22:43 - 2021-11-11 03:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-11-16 22:43 - 2021-11-11 03:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-11-16 22:43 - 2021-11-11 03:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-11-16 22:43 - 2021-11-11 03:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-11-16 22:43 - 2021-11-11 03:33 - 002116536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2021-11-16 22:43 - 2021-11-11 03:33 - 001597568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2021-11-16 22:43 - 2021-11-11 03:33 - 001523328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2021-11-16 22:43 - 2021-11-11 03:33 - 001174456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2021-11-16 22:43 - 2021-11-11 03:33 - 000802232 _____ C:\WINDOWS\system32\nvofapi64.dll 2021-11-16 22:43 - 2021-11-11 03:33 - 000709560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2021-11-16 22:43 - 2021-11-11 03:33 - 000678328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2021-11-16 22:43 - 2021-11-11 03:33 - 000635008 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2021-11-16 22:43 - 2021-11-11 03:33 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2021-11-16 22:43 - 2021-11-11 03:32 - 008725944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2021-11-16 22:43 - 2021-11-11 03:32 - 007845816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2021-11-16 22:43 - 2021-11-11 03:32 - 004940728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2021-11-16 22:43 - 2021-11-11 03:32 - 002850432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2021-11-16 22:43 - 2021-11-11 03:32 - 000981120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2021-11-16 22:43 - 2021-11-11 03:32 - 000792192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2021-11-16 22:43 - 2021-11-11 03:32 - 000452224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2021-11-16 22:43 - 2021-11-11 03:31 - 000850872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2021-11-16 22:43 - 2021-11-11 03:30 - 006432960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2021-11-16 22:43 - 2021-11-09 23:27 - 000085718 _____ C:\WINDOWS\system32\nvinfo.pb 2021-11-10 12:04 - 2021-11-10 12:04 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-11-10 12:04 - 2021-11-10 12:04 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-10 12:04 - 2021-11-10 12:04 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-11-10 12:03 - 2021-11-10 12:03 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-12-01 00:58 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-12-01 00:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-12-01 00:54 - 2018-01-14 14:25 - 000000200 _____ C:\Users\Nojasy\AppData\Roaming\sp_data.sys 2021-12-01 00:53 - 2019-02-05 19:35 - 000000000 ____D C:\ProgramData\Mozilla 2021-12-01 00:53 - 2018-01-27 14:02 - 000000000 ____D C:\Program Files\CCleaner 2021-12-01 00:52 - 2017-07-09 17:51 - 000000000 ____D C:\Users\Nojasy\AppData\LocalLow\Mozilla 2021-12-01 00:52 - 2016-11-30 22:05 - 000000000 ____D C:\ProgramData\NVIDIA 2021-12-01 00:51 - 2020-08-06 16:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-12-01 00:51 - 2020-08-06 16:33 - 000008192 ___SH C:\DumpStack.log.tmp 2021-12-01 00:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-12-01 00:51 - 2019-09-19 20:20 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2021-12-01 00:51 - 2018-07-12 16:35 - 000005693 ___RH C:\farstone_pe.letter 2021-12-01 00:51 - 2017-07-09 17:46 - 000000000 __SHD C:\Users\Nojasy\IntelGraphicsProfiles 2021-12-01 00:50 - 2020-08-06 16:40 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-12-01 00:50 - 2019-12-07 16:08 - 000787066 _____ C:\WINDOWS\system32\perfh015.dat 2021-12-01 00:50 - 2019-12-07 16:08 - 000152910 _____ C:\WINDOWS\system32\perfc015.dat 2021-12-01 00:50 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-12-01 00:45 - 2020-08-06 16:40 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-12-01 00:23 - 2018-10-18 19:14 - 000000000 ____D C:\Users\Nojasy\AppData\Local\CrashDumps 2021-11-30 23:56 - 2018-07-09 20:42 - 000000000 ____D C:\Users\Nojasy\AppData\Local\AVAST Software 2021-11-30 23:56 - 2018-07-09 20:40 - 000000000 ____D C:\ProgramData\AVAST Software 2021-11-30 23:55 - 2017-11-26 23:01 - 000000000 ____D C:\Users\Nojasy\Downloads\ChomikBox 2021-11-30 23:48 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-11-30 23:43 - 2019-09-19 20:49 - 000007679 _____ C:\Users\Nojasy\AppData\Local\resmon.resmoncfg 2021-11-30 23:36 - 2020-08-06 16:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-11-30 22:31 - 2020-05-01 23:15 - 000000000 ____D C:\Users\Nojasy\AppData\Local\Google 2021-11-30 22:31 - 2019-07-08 19:48 - 000000000 ____D C:\Program Files (x86)\Google 2021-11-30 22:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-11-30 21:26 - 2021-10-15 14:13 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-11-30 21:26 - 2018-01-14 15:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-11-30 18:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-11-30 09:58 - 2018-01-14 15:13 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-11-28 23:22 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-28 22:11 - 2020-08-06 16:33 - 000741264 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-11-28 21:30 - 2020-08-06 16:34 - 000000000 ____D C:\Users\Nojasy 2021-11-28 20:50 - 2018-01-14 14:43 - 000000000 ____D C:\Users\Nojasy\AppData\Local\PlaceholderTileLogoFolder 2021-11-28 20:24 - 2021-10-15 18:54 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-11-28 20:24 - 2021-10-15 18:54 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-11-28 20:24 - 2021-10-15 18:54 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-11-28 20:24 - 2021-10-15 18:54 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-11-28 20:24 - 2021-10-15 18:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-11-28 20:24 - 2021-10-15 18:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-11-28 20:24 - 2021-10-15 18:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-11-28 20:24 - 2021-10-15 18:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-11-28 20:24 - 2021-10-15 18:54 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-11-28 20:24 - 2018-01-14 14:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-11-28 20:24 - 2018-01-14 14:12 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-11-28 20:24 - 2016-11-30 22:06 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2021-11-28 20:18 - 2018-05-27 19:35 - 000000000 ____D C:\Users\Nojasy\AppData\Roaming\NVIDIA 2021-11-28 19:57 - 2018-01-14 14:22 - 000000000 ____D C:\Users\Nojasy\AppData\Local\Packages 2021-11-28 19:35 - 2020-06-16 16:13 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-11-28 19:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-11-28 19:29 - 2018-04-19 18:14 - 000000000 ____D C:\ProgramData\DatacardService 2021-11-28 19:09 - 2018-08-28 10:50 - 000000000 ____D C:\Users\Nojasy\AppData\Local\D3DSCache 2021-11-28 18:52 - 2017-07-09 17:48 - 000000000 ___RD C:\Users\Nojasy\OneDrive 2021-11-28 18:39 - 2017-07-25 21:39 - 000000000 ___RD C:\Users\Nojasy\Desktop\DAW 2021-11-28 16:20 - 2018-01-14 14:22 - 000000000 ____D C:\Users\Nojasy\AppData\Local\NVIDIA 2021-11-28 15:51 - 2018-01-14 22:25 - 000000000 ____D C:\Users\Nojasy\AppData\Roaming\vlc 2021-11-23 08:27 - 2021-10-15 18:55 - 002849992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2021-11-23 08:27 - 2021-10-15 18:55 - 002195656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2021-11-23 08:27 - 2021-10-15 18:55 - 001294032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll 2021-11-21 19:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-11-19 16:04 - 2018-07-10 21:47 - 000000000 ____D C:\ProgramData\Packages 2021-11-17 08:05 - 2020-08-06 16:40 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-11-17 08:05 - 2020-08-06 16:40 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-11-16 19:36 - 2021-10-15 18:54 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2021-11-14 14:51 - 2017-08-06 22:32 - 000000000 ____D C:\Users\Nojasy\Documents\BIAS_FX 2021-11-11 03:30 - 2017-12-12 19:25 - 007582144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2021-11-11 00:10 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-11 00:10 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-11-11 00:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-11-11 00:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-11 00:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-11 00:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-11-11 00:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-11 00:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-11 00:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-11-11 00:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-11 00:10 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-11-10 11:54 - 2018-01-14 22:37 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-10 11:52 - 2018-01-14 22:37 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-11-04 07:49 - 2018-02-05 21:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-11-01 04:00 - 2017-11-14 21:59 - 000048552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2021-11-01 04:00 - 2016-11-30 22:04 - 000175248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2021-11-01 04:00 - 2016-11-30 22:04 - 000154224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-08-17 10:55 - 2019-08-17 10:55 - 828648624 _____ (Autodesk, Inc.) C:\Program Files (x86)\DWGTrueView_2018_ENU_64bit.sfx.exe 2018-06-25 19:33 - 2017-08-06 22:32 - 000000030 _____ () C:\Users\Nojasy\AppData\Roaming\.pgbiasfx 2018-06-25 19:55 - 2021-09-25 23:06 - 000000032 _____ () C:\Users\Nojasy\AppData\Roaming\msregsvv.dll 2018-01-14 14:25 - 2021-12-01 00:54 - 000000200 _____ () C:\Users\Nojasy\AppData\Roaming\sp_data.sys 2021-11-28 21:30 - 2021-11-28 21:36 - 001065984 _____ () C:\Users\Nojasy\AppData\Local\file__0.localstorage 2019-09-19 20:49 - 2021-11-30 23:43 - 000007679 _____ () C:\Users\Nojasy\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================