Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 30-08-2022 Uruchomiony przez brygi (administrator) DESKTOP-I7478H5 (Dell Inc. Inspiron 7348) (31-08-2022 09:25:03) Uruchomiony z C:\Users\brygi\OneDrive\Pulpit Załadowane profile: brygi Platform: Microsoft Windows 10 Home Wersja 21H1 19043.1889 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4> (C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileCoAuth.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.542.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8712960 2015-10-23] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-23] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKU\S-1-5-21-383624101-2792314899-793357047-1001\...\Run: [MicrosoftEdgeAutoLaunch_BCB5D7C81BEE5269C1C5C0DC7F1227EB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827104 2022-08-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-383624101-2792314899-793357047-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2642832 2022-08-28] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-383624101-2792314899-793357047-1001\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2642832 2022-08-28] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-383624101-2792314899-793357047-1004\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2642832 2022-08-28] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-383624101-2792314899-793357047-1004\...\Run: [MicrosoftEdgeAutoLaunch_13DCF11C210416B9F67D91FDC88FDF2A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827104 2022-08-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-383624101-2792314899-793357047-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38274576 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-22] (Google LLC -> Google LLC) Startup: C:\Users\brygi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2022-08-24] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01328E84-E565-4E3B-B239-C75EFC7B8CF4} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-23] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {059E03EA-BD69-4E7B-9F9E-C4422DF5EF17} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-02] (Google LLC -> Google LLC) Task: {3CC156C1-7381-4C41-9C9B-36205EF66239} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-13] (Microsoft Corporation -> Microsoft Corporation) Task: {4606A842-4F51-4CA3-A679-15259A055A57} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-13] (Microsoft Corporation -> Microsoft Corporation) Task: {5605BF2C-228A-47B9-8BDC-18C9088074F2} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4172168 2022-08-28] (Microsoft Corporation -> Microsoft Corporation) Task: {6216AAB9-F605-4ADD-ACBC-477657DFB3F3} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [663392 2022-08-22] (Dell Inc -> Dell Inc.) Task: {75C27007-73BA-4F28-9654-1488811A8766} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [965064 2022-08-13] (Microsoft Corporation -> Microsoft Corporation) Task: {8236A48F-5BF4-4F79-ACC3-D4D1BDD888D3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform) Task: {83C6BBD0-3A54-41EA-9A8B-48E9F860AFAA} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation) Task: {8D5AE295-40A7-4DAE-ACC0-FA512FDC8C0C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-13] (Microsoft Corporation -> Microsoft Corporation) Task: {A6A4BCF0-3B97-403C-BE09-B194356EF67D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-13] (Microsoft Corporation -> Microsoft Corporation) Task: {A9F35D98-E090-4667-BC1A-B3C0931D7A2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-02] (Google LLC -> Google LLC) Task: {ADDD69F0-89E5-4EF6-BB70-709F5B43ECE9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-13] (Microsoft Corporation -> Microsoft Corporation) Task: {BBACD3E1-C04C-44CF-9323-6DECCDC26AA4} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-383624101-2792314899-793357047-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4172168 2022-08-28] (Microsoft Corporation -> Microsoft Corporation) Task: {CC73B3D6-FBF6-442A-8C8D-AFA4B29B6C85} - System32\Tasks\CCleanerSkipUAC - brygi => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {CE59A340-9679-4B89-B23C-3EFFA6985A6D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-383624101-2792314899-793357047-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4172168 2022-08-28] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{0ef23464-e83c-466c-96a6-f8f2fb1b14b1}: [DhcpNameServer] 192.168.100.1 Edge: ======= Edge Profile: C:\Users\brygi\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-30] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\brygi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2022-08-30] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\brygi\AppData\Local\Google\Chrome\User Data\Default [2022-08-31] CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://meet.google.com; hxxps://twitter.com CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.gazeta.pl/0,0.html?p=189" CHR Extension: (Dokumenty Google offline) - C:\Users\brygi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30] CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\brygi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-30] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\brygi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-08-30] CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\brygi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-08-30] CHR Extension: (Notion Web Clipper) - C:\Users\brygi\AppData\Local\Google\Chrome\User Data\Default\Extensions\knheggckgoiihginacbkhaalnibhilkk [2022-06-06] CHR Extension: (Yellow highlighter pen for web) - C:\Users\brygi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnmengjdnfjbochkdkcjbbpildacancp [2021-11-02] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\brygi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-02] CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-13] (Microsoft Corporation -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-08-16] (Dell Inc -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2022-08-16] (Dell Inc -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-08-16] (Dell Inc -> Dell Technologies Inc.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [45784 2022-08-17] (Dell Inc -> ) R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-08-15] (Dell Inc -> Dell) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncHelper.exe [3389832 2022-08-28] (Microsoft Corporation -> Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-08-30] (Malwarebytes Inc. -> Malwarebytes) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.161.0731.0002\OneDriveUpdaterService.exe [3830152 2022-08-28] (Microsoft Corporation -> Microsoft Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2022-08-22] (Dell Inc -> Dell Inc.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2022-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell) S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies) R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [29160 2018-07-27] (Dell Inc -> OSR Open Systems Resources, Inc.) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193488 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [75216 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-08-30] (Malwarebytes Inc. -> Malwarebytes) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-06-29] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated) S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-08-31 09:19 - 2022-08-31 09:25 - 000000000 ____D C:\FRST 2022-08-31 07:23 - 2022-08-31 07:23 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2022-08-30 18:21 - 2022-08-30 18:21 - 000193488 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2022-08-30 18:21 - 2022-08-30 18:21 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2022-08-30 18:21 - 2022-08-30 18:21 - 000075216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2022-08-30 18:19 - 2022-08-30 18:19 - 000070478 _____ C:\Users\brygi\OneDrive\Dokumenty\cc_20220830_181901.reg 2022-08-30 18:15 - 2022-08-31 07:26 - 000000000 ____D C:\Program Files\CCleaner 2022-08-30 18:15 - 2022-08-30 18:15 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-08-30 18:15 - 2022-08-30 18:15 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - brygi 2022-08-30 18:15 - 2022-08-30 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2022-08-30 17:40 - 2022-08-30 17:40 - 000000000 ____D C:\Users\brygi\AppData\Local\mbam 2022-08-30 17:39 - 2022-08-30 17:39 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-08-30 17:39 - 2022-08-30 17:39 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-08-30 17:39 - 2022-08-30 17:39 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-08-30 17:39 - 2022-08-30 17:38 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-08-30 17:39 - 2022-08-30 17:38 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-08-30 17:38 - 2022-08-30 17:38 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-08-30 17:38 - 2022-08-30 17:38 - 000000000 ____D C:\Program Files\Malwarebytes 2022-08-30 17:19 - 2022-08-30 17:19 - 000000000 ____D C:\Users\brygi\AppData\Local\D3DSCache 2022-08-29 21:09 - 2022-08-29 21:09 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys 2022-08-28 19:08 - 2022-08-28 19:08 - 000003946 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate 2022-08-28 19:00 - 2022-08-28 19:00 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2022-08-28 19:00 - 2022-08-28 19:00 - 000002186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-08-13 22:14 - 2022-08-13 22:14 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2022-08-13 22:14 - 2022-08-13 22:14 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2022-08-13 22:14 - 2022-08-13 22:14 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-08-13 22:14 - 2022-08-13 22:14 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-08-13 22:14 - 2022-08-13 22:14 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2022-08-13 22:14 - 2022-08-13 22:14 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2022-08-13 22:14 - 2022-08-13 22:14 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-08-13 22:14 - 2022-08-13 22:14 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-08-13 22:05 - 2022-08-13 22:05 - 000000000 ___HD C:\$WinREAgent ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-08-31 09:25 - 2021-11-02 19:05 - 000000000 ____D C:\Program Files (x86)\Google 2022-08-31 09:14 - 2021-11-01 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-08-31 08:22 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-08-31 08:11 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-08-31 08:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-08-31 08:10 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-08-31 07:24 - 2021-11-02 19:19 - 000000000 ___RD C:\Users\brygi\OneDrive 2022-08-31 07:23 - 2021-11-02 19:17 - 000000000 __SHD C:\Users\brygi\IntelGraphicsProfiles 2022-08-30 22:31 - 2021-11-02 19:17 - 000000000 ____D C:\Users\brygi\AppData\Local\Packages 2022-08-30 18:27 - 2021-11-01 19:05 - 001768164 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-08-30 18:27 - 2019-12-07 17:08 - 000787108 _____ C:\WINDOWS\system32\perfh015.dat 2022-08-30 18:27 - 2019-12-07 17:08 - 000152952 _____ C:\WINDOWS\system32\perfc015.dat 2022-08-30 18:20 - 2021-11-02 19:16 - 000000000 ____D C:\Users\brygi 2022-08-30 18:20 - 2021-11-01 18:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-08-30 18:20 - 2021-11-01 18:57 - 000008192 ___SH C:\DumpStack.log.tmp 2022-08-30 18:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-08-30 18:20 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2022-08-30 17:39 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-08-30 10:53 - 2021-11-18 09:22 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-08-29 21:10 - 2021-11-02 19:05 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-08-29 21:10 - 2021-11-02 19:05 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-08-28 19:09 - 2021-11-01 19:46 - 000000000 ____D C:\Program Files\Dell 2022-08-28 19:06 - 2021-11-01 18:58 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-08-28 19:01 - 2022-03-30 18:48 - 000000000 ____D C:\Program Files\dotnet 2022-08-28 19:01 - 2021-11-02 19:01 - 000000000 ____D C:\ProgramData\Package Cache 2022-08-28 19:00 - 2022-01-13 17:24 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-383624101-2792314899-793357047-1001 2022-08-28 19:00 - 2021-12-11 23:03 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-383624101-2792314899-793357047-1004 2022-08-23 09:07 - 2021-11-01 18:58 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-08-23 09:07 - 2021-11-01 18:58 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-08-22 21:02 - 2021-11-02 19:06 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-08-14 22:38 - 2021-11-01 19:58 - 000439400 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-08-14 22:37 - 2019-12-07 17:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-08-14 22:37 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-08-14 22:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-08-14 22:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-08-14 22:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-08-14 22:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-08-14 22:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-08-14 22:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-08-14 22:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-08-14 22:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-08-14 22:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-08-13 22:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-08-13 22:14 - 2021-11-01 18:58 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-08-13 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-08-13 22:01 - 2021-11-04 00:54 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-08-13 21:59 - 2021-11-04 00:54 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-08-13 18:09 - 2022-03-01 21:44 - 000000000 ____D C:\Program Files (x86)\Origin 2022-08-13 18:03 - 2021-11-07 19:56 - 000000000 ____D C:\Program Files\Microsoft Office ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================