Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 16-09-2024 Uruchomiony przez Giant (administrator) LAPTOP-G46LM8RA (HP OMEN by HP Laptop) (18-09-2024 12:31:12) Uruchomiony z E:\Pobrane\FRST64.exe Załadowane profile: Giant Platforma: Microsoft Windows 10 Home Wersja 2004 19041.1415 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (C:\Program Files\SpyShelter\sps_service.exe ->) (SpyShelter (Netmeetings LLC) -> SpyShelter) C:\Program Files\SpyShelter\sps_helper.exe (C:\Program Files\SpyShelter\sps_service.exe ->) (SpyShelter (Netmeetings LLC) -> SpyShelter) C:\Program Files\SpyShelter\ui\SpyShelter.exe <2> (explorer.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\FANTECH VX7 Gaming Mouse\Gaming Mouse3.0.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11> (explorer.exe ->) (Open Source Developer, Dominik Reichl -> Dominik Reichl) E:\Dokumenty\KeePass Password Safe\KeePass.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmig.inf_amd64_7b03a437913dce6f\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (SpyShelter (Netmeetings LLC) -> SpyShelter) C:\Program Files\SpyShelter\sps_service.exe (services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11236136 2021-09-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP Inc. -> HP) HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-21-731927372-3572499909-2968678288-1003\...\Run: [KeePass Password Safe] => E:\Dokumenty\KeePass Password Safe\KeePass.exe [2175920 2017-06-02] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKU\S-1-5-21-731927372-3572499909-2968678288-1003\...\Run: [SpyShelter] => C:\Program Files\SpyShelter\ui\SpyShelter.exe [325392 2024-08-26] (SpyShelter (Netmeetings LLC) -> SpyShelter) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\128.0.6613.138\Installer\chrmstp.exe [2024-09-13] (Google LLC -> Google LLC) IFEO\EOSnotify.exe: [Debugger] / IFEO\InstallAgent.exe: [Debugger] / IFEO\MusNotification.exe: [Debugger] / IFEO\MusNotificationUx.exe: [Debugger] / IFEO\remsh.exe: [Debugger] / IFEO\SihClient.exe: [Debugger] / IFEO\UpdateAssistant.exe: [Debugger] / IFEO\upfc.exe: [Debugger] / IFEO\UsoClient.exe: [Debugger] / IFEO\WaaSMedic.exe: [Debugger] / IFEO\WaasMedicAgent.exe: [Debugger] / IFEO\Windows10Upgrade.exe: [Debugger] / IFEO\Windows10UpgraderApp.exe: [Debugger] / ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {26125677-91B4-4C6F-8F3C-2765215895CB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{DD255514-4AA4-4B27-A1B4-CCE09F337123} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC) Task: {6790BCA5-8F05-4228-84A8-48A5ECC596DB} - System32\Tasks\HPCeeScheduleForGiant => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99392 2016-05-12] (Hewlett-Packard Company -> HP Development Company, L.P.) Task: {760C5666-2AFF-4213-BC66-869CFAD6F1EF} - System32\Tasks\IECrashReporter => C:\Program Files (x86)\Internet Explorer\CrashReporter.exe [45568 2024-06-27] (Microsoft Corporation) [Brak podpisu cyfrowego] Task: {7AC11F64-7B79-4128-AFAA-BA659EDAE987} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-09-08] (Microsoft Corporation -> Microsoft Corporation) Task: {4B4FDCB6-F795-4C12-A220-4FB1C548344E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-09-08] (Microsoft Corporation -> Microsoft Corporation) Task: {21385E8F-972F-454D-B57E-1A8AFE30C331} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222872 2024-09-14] (Microsoft Corporation -> Microsoft Corporation) Task: {B79D4238-C665-4C08-836A-14C6FB8DAADD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222872 2024-09-14] (Microsoft Corporation -> Microsoft Corporation) Task: {18321A9F-B2B3-4CB2-A415-60C52BEFABDC} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-05-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\/AUTOHIDE (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\HPCeeScheduleForGiant.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 195.46.37.3 195.46.37.2 Tcpip\..\Interfaces\{38806138-a6e7-4492-bfda-fa3f2e42e2ab}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{38806138-a6e7-4492-bfda-fa3f2e42e2ab}: [DhcpNameServer] 195.46.37.3 195.46.37.2 Tcpip\..\Interfaces\{7fdf2ac5-2f17-43bd-9809-12218b160844}: [DhcpNameServer] 192.168.208.229 Tcpip\..\Interfaces\{826da71a-c37b-46c4-ad9f-a94ae49d3ebb}: [DhcpNameServer] 195.46.37.3 195.46.37.2 Tcpip\..\Interfaces\{826da71a-c37b-46c4-ad9f-a94ae49d3ebb}\759646566496265627E45647F544F6D6132333F5548545: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{826da71a-c37b-46c4-ad9f-a94ae49d3ebb}\759646566496265627E45647F544F6D6132333F5548545: [DhcpNameServer] 195.46.37.3 195.46.37.2 Tcpip\..\Interfaces\{826da71a-c37b-46c4-ad9f-a94ae49d3ebb}\75966696F5357525236584844465E4: [DhcpNameServer] 5.8.8.8 Tcpip\..\Interfaces\{ba63ee0b-7255-49a8-a9c6-1675b00a4da1}: [DhcpNameServer] 192.168.208.229 Edge: ======= Edge Profile: C:\Users\Giant\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-28] Edge StartupUrls: Default -> "hxxp://duckduckgo.com/" Edge Extension: (Dokumenty Google offline) - C:\Users\Giant\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-23] Edge Extension: (Edge relevant text changes) - C:\Users\Giant\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-23] FireFox: ======== FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-19] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\Giant\AppData\Local\Google\Chrome\User Data\Default [2024-09-14] CHR DownloadDir: E:\Pobrane CHR HomePage: Default -> hxxps://duckduckgo.com/ CHR StartupUrls: Default -> "hxxp://www.giveawayoftheday.com/" CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms} CHR DefaultSearchKeyword: Default -> duckduckgo.com CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list CHR Extension: (uBlock Origin) - C:\Users\Giant\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-05-24] CHR Extension: (Chrome Audio Capture) - C:\Users\Giant\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfokdmfpdnokpmpbjhjbcabgligoelgp [2024-05-17] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Giant\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-23] CHR Extension: (Google Sheets) - C:\Extension\4.5.6._0 [2024-06-29] CHR Extension: (Google Sheets) - C:\Extension\5.2.9._0 [2024-06-29] CHR Profile: C:\Users\Giant\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-09-18] CHR Notifications: Profile 1 -> hxxps://legaartis.pl; hxxps://poczta.interia.pl; hxxps://www.datezone.com; hxxps://www.facebook.com; hxxps://www.reddit.com; hxxps://www.xvideos.com; hxxps://www.youtube.com CHR HomePage: Profile 1 -> hxxp://duckduckgo.com/ CHR StartupUrls: Profile 1 -> "hxxp://giveawayoftheday.com/" CHR DefaultSearchURL: Profile 1 -> hxxps://duckduckgo.com/?q={searchTerms} CHR DefaultSearchKeyword: Profile 1 -> duckduckgo.com CHR DefaultNewTabURL: Profile 1 -> hxxps://duckduckgo.com/chrome_newtab CHR DefaultSuggestURL: Profile 1 -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list CHR Extension: (uBlock) - C:\Users\Giant\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2024-08-30] CHR Extension: (Chrome Audio Capture) - C:\Users\Giant\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kfokdmfpdnokpmpbjhjbcabgligoelgp [2024-07-21] CHR Extension: (Shazam: Find song names from your browser) - C:\Users\Giant\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-08-04] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Giant\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-04] CHR Profile: C:\Users\Giant\AppData\Local\Google\Chrome\User Data\System Profile [2024-07-13] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2569352 2024-08-01] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) S4 brlapi; C:\WINDOWS\brltty\bin\brltty.exe [847886 2022-05-02] (Microsoft Windows -> ) S4 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [298496 2022-08-30] (CleverFiles) [Brak podpisu cyfrowego] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14042808 2024-09-08] (Microsoft Corporation -> Microsoft Corporation) R2 Everything; C:\Program Files\Everything\Everything.exe [2240288 2019-02-04] (voidtools -> voidtools) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-09-14] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-09-14] (Malwarebytes Inc. -> Malwarebytes) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmig.inf_amd64_7b03a437913dce6f\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-05-14] (NVIDIA Corporation -> NVIDIA Corporation) R2 sps_service; C:\Program Files\SpyShelter\sps_service.exe [2875664 2024-08-26] (SpyShelter (Netmeetings LLC) -> SpyShelter) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [386552 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Dokan Project) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [1469952 2016-03-14] (Intel(R) Rapid Storage Technology -> Intel Corporation) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-09-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [134120 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd) R1 SpyShelter; C:\WINDOWS\System32\drivers\SpyShelter.sys [100688 2024-04-09] (SpyShelter (Netmeetings LLC) -> Windows (R) Win 7 DDK provider) S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-06-29] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated) S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.) S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP) R2 WiseFS; C:\WINDOWS\WiseFs64.sys [12328 2015-02-26] (Lespeed Technology Ltd. -> WiseCleaner.com) [Brak podpisu cyfrowego] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-09-18 12:30 - 2024-09-18 12:31 - 000000000 ____D C:\FRST 2024-09-18 11:27 - 2024-09-18 11:27 - 000004036 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-731927372-3572499909-2968678288-1003_5 2024-09-17 20:10 - 2024-09-18 12:31 - 000000000 ____D C:\ProgramData\SpyShelter 2024-09-17 20:10 - 2024-09-17 20:10 - 000000000 ____D C:\Users\Giant\AppData\Roaming\SpyShelter 2024-09-17 20:10 - 2024-09-17 20:10 - 000000000 ____D C:\Users\Giant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyShelter 2024-09-17 20:10 - 2024-09-17 20:10 - 000000000 ____D C:\Program Files\SpyShelter 2024-09-17 20:07 - 2024-09-17 20:07 - 000000000 ____D C:\Users\Giant\AppData\Local\ElevatedDiagnostics 2024-09-17 12:41 - 2024-09-17 12:41 - 000000000 ____D C:\Users\Giant\Documents\MobiKin WhatsApp Recovery for Android 2024-09-17 12:39 - 2024-09-17 12:39 - 000000000 ____D C:\Users\Giant\AppData\Roaming\MobiKin 2024-09-17 12:39 - 2024-09-17 12:39 - 000000000 ____D C:\Users\Giant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MobiKin 2024-09-17 12:39 - 2024-09-17 12:39 - 000000000 ____D C:\Program Files (x86)\MobiKin 2024-09-14 18:07 - 2024-09-16 21:29 - 000000000 ____D C:\Users\Giant\AppData\Local\CrashDumps 2024-09-14 16:57 - 2024-09-14 16:57 - 000000825 _____ C:\Users\Giant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RogueKiller Anti-Malware.lnk 2024-09-14 11:52 - 2024-09-15 11:51 - 000000000 ____D C:\Users\Giant\AppData\Local\Malwarebytes 2024-09-14 11:52 - 2024-09-14 11:52 - 000002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-09-14 11:52 - 2024-09-14 11:52 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-09-14 11:52 - 2024-09-14 11:52 - 000000000 ____D C:\Program Files\Malwarebytes 2024-09-10 15:25 - 2024-09-10 15:25 - 000000000 ____D C:\Users\Giant\AppData\Roaming\NVIDIA 2024-09-09 20:48 - 2024-09-10 11:29 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2024-09-04 16:33 - 2024-09-04 16:33 - 000000000 ____D C:\Program Files\qBittorrent 2024-08-29 18:28 - 2024-08-29 18:28 - 000000000 ____D C:\WINDOWS\system32\lxss 2024-08-29 18:28 - 2024-08-29 18:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2024-08-29 18:25 - 2024-05-14 16:20 - 002031472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2024-08-29 18:25 - 2024-05-14 16:20 - 002031472 _____ C:\WINDOWS\system32\vulkaninfo.exe 2024-08-29 18:25 - 2024-05-14 16:20 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2024-08-29 18:25 - 2024-05-14 16:20 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2024-08-29 18:25 - 2024-05-14 16:20 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2024-08-29 18:25 - 2024-05-14 16:20 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll 2024-08-29 18:25 - 2024-05-14 16:20 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2024-08-29 18:25 - 2024-05-14 16:20 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2024-08-29 18:25 - 2024-05-14 16:17 - 000670240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll 2024-08-29 18:25 - 2024-05-14 16:17 - 000505992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll 2024-08-29 18:25 - 2024-05-14 16:16 - 060675192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2024-08-29 18:25 - 2024-05-14 16:16 - 002178680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2024-08-29 18:25 - 2024-05-14 16:16 - 001630344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2024-08-29 18:25 - 2024-05-14 16:16 - 001547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2024-08-29 18:25 - 2024-05-14 16:16 - 001203312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2024-08-29 18:25 - 2024-05-14 16:16 - 001068552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2024-08-29 18:25 - 2024-05-14 16:16 - 001033352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2024-08-29 18:25 - 2024-05-14 16:16 - 000848520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2024-08-29 18:25 - 2024-05-14 16:16 - 000796296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2024-08-29 18:25 - 2024-05-14 16:15 - 016117792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2024-08-29 18:25 - 2024-05-14 16:15 - 013007392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2024-08-29 18:25 - 2024-05-14 16:15 - 006914592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2024-08-29 18:25 - 2024-05-14 16:15 - 005913096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2024-08-29 18:25 - 2024-05-14 16:15 - 005867552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2024-08-29 18:25 - 2024-05-14 16:15 - 003788832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2024-08-29 18:25 - 2024-05-14 16:15 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2024-08-29 18:25 - 2024-05-14 16:14 - 007057800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2024-08-29 18:25 - 2024-05-14 16:14 - 006136008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2024-08-29 18:25 - 2024-05-14 16:14 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2024-08-29 18:25 - 2024-05-14 04:22 - 000123909 _____ C:\WINDOWS\system32\nvinfo.pb 2024-08-29 18:23 - 2024-08-29 18:23 - 000002724 _____ C:\Users\Giant\Desktop\555.85-notebook-win10-win11-64bit-international-dch-whql.exe — skrót .lnk 2024-08-25 21:20 - 2024-08-25 21:21 - 000000000 ____D C:\Users\Giant\AppData\Roaming\NapiProjekt 2024-08-25 21:20 - 2024-08-25 21:20 - 000000000 ____D C:\Program Files (x86)\NapiProjekt ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-09-18 12:17 - 2024-03-23 19:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-09-18 12:06 - 2024-03-23 17:01 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-09-18 12:06 - 2024-03-23 17:01 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-09-18 11:31 - 2024-03-23 17:36 - 001838064 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-09-18 11:31 - 2024-03-23 17:04 - 000787066 _____ C:\WINDOWS\system32\perfh015.dat 2024-09-18 11:31 - 2024-03-23 17:04 - 000152910 _____ C:\WINDOWS\system32\perfc015.dat 2024-09-18 11:31 - 2024-03-23 17:00 - 000000000 ____D C:\WINDOWS\INF 2024-09-18 11:27 - 2024-04-12 20:44 - 000000000 ____D C:\ProgramData\NVIDIA 2024-09-18 11:27 - 2024-03-23 17:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2024-09-18 11:27 - 2024-03-23 17:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-09-18 11:27 - 2024-03-23 17:01 - 000000000 ____D C:\WINDOWS\ServiceState 2024-09-18 11:27 - 2018-12-07 14:24 - 000000000 __SHD C:\Users\Giant\IntelGraphicsProfiles 2024-09-18 11:26 - 2022-02-08 19:08 - 000008192 ___SH C:\DumpStack.log.tmp 2024-09-18 02:20 - 2024-03-23 16:57 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2024-09-18 00:36 - 2024-03-23 17:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-09-17 22:12 - 2024-03-23 18:35 - 000000000 ____D C:\Users\Giant\AppData\Local\Battle.net 2024-09-17 20:49 - 2024-03-23 19:18 - 000000000 ____D C:\Users\Giant\AppData\Roaming\vlc 2024-09-15 11:49 - 2024-03-23 17:01 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-09-15 02:20 - 2024-03-23 17:01 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-09-15 02:20 - 2024-03-23 17:01 - 000000000 ____D C:\WINDOWS\SystemResources 2024-09-14 12:32 - 2024-03-23 18:01 - 000000000 ____D C:\Users\Giant\AppData\Roaming\Microsoft\MMC 2024-09-14 12:03 - 2024-03-23 17:57 - 000000000 ____D C:\Users\Giant\AppData\Roaming\Hewlett-Packard 2024-09-14 12:03 - 2024-03-23 17:53 - 000000000 ____D C:\Users\Giant\AppData\Local\Hewlett-Packard 2024-09-14 12:03 - 2016-09-21 03:12 - 000000000 ____D C:\ProgramData\HP 2024-09-14 12:03 - 2016-09-21 03:11 - 000000000 ____D C:\Program Files (x86)\HP 2024-09-14 12:03 - 2016-09-07 00:27 - 000000000 ___HD C:\hp 2024-09-14 11:55 - 2024-03-23 16:57 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-09-14 11:53 - 2022-02-11 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2024-09-14 11:52 - 2024-03-23 17:01 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-09-14 02:47 - 2016-09-21 03:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2024-09-14 00:29 - 2024-03-22 21:23 - 000000000 ____D C:\AdwCleaner 2024-09-13 11:32 - 2024-03-23 18:07 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-09-13 01:29 - 2024-03-23 19:14 - 000000000 ____D C:\Users\Giant\AppData\Local\Everything 2024-09-13 01:29 - 2024-03-23 19:12 - 000000000 ____D C:\Users\Giant\AppData\Roaming\Everything 2024-09-11 13:02 - 2024-03-23 18:37 - 000000000 ____D C:\Program Files (x86)\Diablo Immortal 2024-09-10 15:29 - 2024-03-23 19:33 - 000000000 ____D C:\Users\Giant\AppData\Roaming\slobs-client 2024-09-10 11:29 - 2024-03-23 19:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-09-10 03:06 - 2024-03-23 17:26 - 000000000 ____D C:\Users\Giant 2024-09-09 21:35 - 2024-03-23 19:21 - 000001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2024-09-09 11:40 - 2024-03-23 17:30 - 000003642 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{ADE31E79-0C8A-4C72-A64D-43E3C9F8AC2F} 2024-09-09 11:40 - 2024-03-23 17:30 - 000003518 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{A8FC0A0A-DFB7-4382-9162-057E3F633D6C} 2024-09-08 19:54 - 2024-03-23 19:31 - 000000000 ____D C:\Program Files\Streamlabs OBS 2024-09-06 15:36 - 2024-04-18 13:42 - 000000000 ____D C:\Users\Giant\AppData\Local\NVIDIA 2024-09-05 02:14 - 2024-08-04 00:44 - 000000023 _____ C:\Users\Giant\Desktop\shutdown.bat 2024-09-04 18:28 - 2024-03-23 19:32 - 000000403 _____ C:\Users\Giant\Desktop\DI OW.ahk 2024-09-04 17:08 - 2024-05-15 15:04 - 000000000 ____D C:\Users\Giant\AppData\Roaming\qBittorrent 2024-09-04 16:34 - 2024-05-15 15:04 - 000000000 ____D C:\Users\Giant\AppData\Local\qBittorrent 2024-09-04 16:33 - 2019-06-22 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2024-08-30 11:56 - 2024-03-23 17:19 - 000000000 ____D C:\WINDOWS\Panther 2024-08-30 11:49 - 2024-03-23 17:01 - 000000000 ____D C:\WINDOWS\system32\NDF 2024-08-29 18:28 - 2024-04-12 20:44 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2024-08-29 18:28 - 2023-11-17 14:26 - 000000000 ____D C:\Users\Giant\AppData\LocalLow\NVIDIA 2024-08-25 21:20 - 2019-01-02 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt 2024-08-22 12:44 - 2024-03-23 20:32 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForGiant.job 2024-08-21 13:13 - 2024-03-23 20:32 - 000003256 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForGiant ==================== Pliki w katalogu głównym wybranych folderów ======== 2024-03-29 02:12 - 2024-03-29 02:12 - 000000017 _____ () C:\Users\Giant\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================