Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 25-02-2023 Uruchomiony przez Magda (administrator) MAGDA-KOMPUTER (Dell Inc. Inspiron 3521) (25-02-2023 22:50:15) Uruchomiony z C:\Users\Magda\Desktop\LOGIfrst Załadowane profile: Magda Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE ->) (Dell Inc.) [Brak podpisu cyfrowego] C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (C:\ProgramData\DatacardService\HWDeviceService64.exe ->) (HUAWEI Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (explorer.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (explorer.exe ->) (Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (explorer.exe ->) (Dell Inc.) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (HUAWEI Technologies Co., Ltd. -> ) C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Opera Norway AS -> Opera Software) C:\Program Files (x86)\Opera\95.0.4635.46\opera_autoupdate.exe <2> (Opera Norway AS -> Opera Software) C:\Program Files (x86)\Opera\95.0.4635.46\opera_crashreporter.exe (Opera Norway AS -> Opera Software) C:\Program Files (x86)\Opera\opera.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (services.exe ->) (Dell Inc.) [Brak podpisu cyfrowego] C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (services.exe ->) (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe (services.exe ->) (HUAWEI Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe (services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Intel(R) Software Asset Manager -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (services.exe ->) (Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (svchost.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (svchost.exe ->) (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Windows\System32\dwm.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2796272 2013-11-22] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8925184 2015-11-16] (Dell Inc.) [Brak podpisu cyfrowego] [Plik w użyciu] HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3163248 2022-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Compal Electronics, Inc. -> Dell Inc.) HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Brak pliku) HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Brak pliku) HKU\S-1-5-18\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Brak pliku) HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [218112 2017-03-10] (Bullzip) [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-02-10] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-12-24] (Adobe Inc. -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll (Broadcom Corporation -> Broadcom Corporation.) HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2014-11-17] (Broadcom Corporation -> Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-11-16] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {349F20C9-C359-41B5-BCB4-16B85E9CF6ED} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 ] (Microsoft Corporation -> Microsoft Corporation) Task: {71651DB7-A71C-49DD-8383-2B8DC16C1E39} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {7635CC91-833F-4BED-866E-A6217867650B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) Task: {B7230A59-6145-4C4D-AA87-07162AF36ADC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) Task: {EB92AA25-675D-42FE-84FE-3B22E2F9215A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2955849912-3311645180-3193570865-1000Core.job => C:\Users\Magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2955849912-3311645180-3193570865-1000UA.job => C:\Users\Magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{21611003-D5DE-4F33-B74E-347297FEFE96}: [NameServer] 9.9.9.9,149.112.112.112 Tcpip\..\Interfaces\{21611003-D5DE-4F33-B74E-347297FEFE96}: [DhcpNameServer] 192.168.100.1 FireFox: ======== FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll [2013-07-15] (Ganymede Sp. z o.o. -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default [2023-02-25] CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=190" CHR Extension: (uBlock Origin) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-01-12] CHR Extension: (Fir-tree) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbpemgbdaekmlhodlloofbmpkmmpdghd [2016-12-07] CHR Extension: (Dokumenty Google offline) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-02] CHR Extension: (Sprawdzanie poczty Google) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-02-09] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-01] CHR Profile: C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-02-25] CHR HomePage: Guest Profile -> hxxp://www.gazeta.pl/0,0.html?p=190 CHR StartupUrls: Guest Profile -> "hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190" Opera: ======= OPR Profile: C:\Users\Magda\AppData\Roaming\Opera Software\Opera Stable [2023-02-25] OPR Notifications: Opera Stable -> hxxps://drive.google.com; hxxps://ktomalek.pl; hxxps://ottwow.com; hxxps://panel.opinie.pl; hxxps://pikio.pushalert.co; hxxps://pilot.wp.pl; hxxps://poczta.onet.pl; hxxps://www-wedding-pl.pushpushgo.com; hxxps://www.ebilet.pl; hxxps://www.eurofirany.com.pl; hxxps://www.iparts.pl; hxxps://www.ipla.tv; hxxps://www.polsatnews.pl OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (KeePassHelper Password Manager) - C:\Users\Magda\AppData\Roaming\Opera Software\Opera Stable\Extensions\calafnphoinbmicbijemddahngbpdlke [2020-08-20] OPR Extension: (Rich Hints Agent) - C:\Users\Magda\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-28] OPR Extension: (Opera Wallet) - C:\Users\Magda\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-02-15] OPR Extension: (Gismeteo) - C:\Users\Magda\AppData\Roaming\Opera Software\Opera Stable\Extensions\gomohoalpkcdboocdnbeajbbjmifijbg [2019-04-10] OPR Extension: (uBlock Origin) - C:\Users\Magda\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2023-02-25] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.) R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-10-10] (Digital Wave Ltd -> Digital Wave Ltd.) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] (HUAWEI Technologies Co., Ltd. -> ) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8842536 2022-10-23] (Malwarebytes Inc. -> Malwarebytes) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2015-12-26] (HUAWEI Technologies Co., Ltd. -> ) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2017-04-23] (Even Balance, Inc. -> ) R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2017-04-23] (Even Balance, Inc. -> ) R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6178304 2015-11-16] (Dell Inc.) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2018-10-20] (Techporch Incorporated -> Dell Inc.) S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2018-10-20] (Techporch Incorporated -> Dell Computer Corporation) S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2019-02-23] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2019-02-23] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [117248 2015-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [13952 2015-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [98304 2015-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [87040 2015-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [28672 2015-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2015-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-26] (Martin Malik - REALiX -> REALiX(tm)) S3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd64.sys [9000256 2012-08-23] (Intel Corporation) [Brak podpisu cyfrowego] S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) S3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) R0 rtcrfilt64; C:\Windows\System32\DRIVERS\rtcrfilt64.sys [19600 2000-01-01] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2017-10-08] (Macrovision Europe Ltd) [Brak podpisu cyfrowego] S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [30208 2012-08-23] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 MpKsl66083cbd; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{723BB07E-37F2-4B6B-AB78-307C88BACC57}\MpKslDrv.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-02-25 22:37 - 2023-02-25 22:37 - 000010896 _____ C:\Users\Magda\Desktop\raportRogue.txt 2023-02-25 22:01 - 2023-02-25 22:01 - 035073968 _____ C:\Users\Magda\Desktop\RogueKiller_portable64 (1).exe 2023-02-25 21:41 - 2023-02-25 21:41 - 000000000 ____D C:\ProgramData\RogueKiller 2023-02-25 21:16 - 2023-02-25 21:16 - 000001029 _____ C:\Users\Public\Desktop\BleachBit.lnk 2023-02-25 21:16 - 2023-02-25 21:16 - 000000000 ____D C:\Users\Magda\AppData\Roaming\BleachBit 2023-02-25 21:16 - 2023-02-25 21:16 - 000000000 ____D C:\Users\Magda\.dbus-keyrings 2023-02-25 21:16 - 2023-02-25 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BleachBit 2023-02-25 21:16 - 2023-02-25 21:16 - 000000000 ____D C:\Program Files (x86)\BleachBit 2023-02-25 21:09 - 2023-02-25 21:09 - 012078560 _____ (BleachBit.org) C:\Users\Magda\Desktop\BleachBit-4.2.0-setup.exe 2023-02-25 19:26 - 2023-02-25 19:26 - 000000000 ____D C:\Windows\pss 2023-02-25 16:33 - 2023-02-25 21:30 - 000000000 ____D C:\Users\Magda\Desktop\LOGIfrst 2023-02-25 14:50 - 2023-02-25 14:50 - 000000000 ____D C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2023-02-25 14:15 - 2023-02-25 14:15 - 000000000 ____D C:\Users\Magda\Desktop\ggps_roboty-nmt 2023-02-25 14:12 - 2023-02-25 14:12 - 000222363 _____ C:\Users\Magda\Desktop\5508598645_22_0.pdf 2023-02-19 19:25 - 2023-02-19 19:25 - 000559117 _____ C:\Users\Magda\Desktop\Z-15A_392803772.PDF.pdf 2023-02-19 17:46 - 2023-02-19 18:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2023-02-19 17:35 - 2023-02-19 17:36 - 000000000 ____D C:\Users\Magda\Desktop\500plusROK2023 ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-02-25 22:51 - 2015-01-29 09:41 - 000000000 ____D C:\FRST 2023-02-25 22:47 - 2014-05-29 17:48 - 000000000 ____D C:\Program Files (x86)\Google 2023-02-25 22:45 - 2019-02-18 22:24 - 000000000 __SHD C:\Users\Magda\IntelGraphicsProfiles 2023-02-25 22:44 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-02-25 21:40 - 2009-07-14 05:45 - 000032000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2023-02-25 21:40 - 2009-07-14 05:45 - 000032000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2023-02-25 21:27 - 2017-11-26 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 2023-02-25 21:27 - 2014-05-29 10:21 - 000000000 ____D C:\Users\Magda\Desktop\Programy 2023-02-25 21:16 - 2014-05-29 10:10 - 000000000 ____D C:\Users\Magda 2023-02-25 21:13 - 2017-05-13 11:21 - 000000000 ____D C:\Windows\system32\Tasks\WiseCleaner 2023-02-25 21:13 - 2016-12-17 09:53 - 000000000 ____D C:\Program Files (x86)\Wise 2023-02-25 21:05 - 2022-04-21 18:54 - 000000000 ____D C:\Users\Magda\AppData\Roaming\uTorrent 2023-02-25 20:44 - 2015-06-13 07:42 - 000001162 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2955849912-3311645180-3193570865-1000UA.job 2023-02-25 19:46 - 2019-02-14 22:08 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2023-02-25 19:40 - 2014-05-29 18:01 - 000000000 ____D C:\Program Files\Dell 2023-02-25 19:40 - 2014-05-29 16:48 - 000000000 ____D C:\ProgramData\Dell 2023-02-25 19:00 - 2017-04-09 18:53 - 000000000 ____D C:\Users\Magda\AppData\LocalLow\Mozilla 2023-02-25 18:58 - 2022-07-01 16:43 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-02-25 18:38 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Sidebar 2023-02-25 18:38 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar 2023-02-25 18:38 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-02-25 18:37 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Magda\AppData\Roaming\PhotoScape 2023-02-25 18:37 - 2017-04-22 17:32 - 000000000 ____D C:\Program Files (x86)\Steam 2023-02-25 18:37 - 2014-05-29 10:22 - 000000000 ____D C:\Users\Magda\AppData\Roaming\DAEMON Tools Lite 2023-02-25 18:30 - 2014-05-29 10:59 - 000000000 ____D C:\Windows\Panther 2023-02-25 18:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\ModemLogs 2023-02-25 18:29 - 2022-06-15 18:00 - 000000000 ____D C:\Users\Magda\AppData\Local\CrashDumps 2023-02-25 18:29 - 2020-08-02 11:38 - 000000000 ____D C:\Windows\Minidump 2023-02-25 17:30 - 2020-04-13 19:30 - 000000000 ____D C:\Users\Magda\AppData\Roaming\JOSM 2023-02-25 17:25 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2023-02-25 17:23 - 2015-09-26 19:00 - 000000000 ____D C:\Program Files (x86)\ipla 2023-02-25 17:21 - 2017-10-08 09:49 - 000000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2023-02-25 14:51 - 2014-06-12 19:06 - 000000000 ____D C:\Users\Magda\AppData\Roaming\Dropbox 2023-02-25 14:44 - 2015-06-13 07:42 - 000001110 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2955849912-3311645180-3193570865-1000Core.job 2023-02-19 18:15 - 2015-10-02 05:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-02-19 18:15 - 2014-06-02 22:40 - 000000000 ____D C:\Program Files (x86)\Opera 2023-02-19 18:00 - 2022-10-12 16:16 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk 2023-02-10 19:03 - 2014-05-29 17:48 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-03-14 20:55 - 2020-03-14 20:55 - 000000847 _____ () C:\Users\Magda\AppData\Roaming\qnapi.ini 2015-06-22 18:23 - 2015-06-22 18:23 - 000000038 ___SH () C:\Users\Magda\AppData\Local\69ff07055291669bb2b218.72821112 2021-06-27 21:19 - 2021-06-27 21:19 - 000000869 _____ () C:\Users\Magda\AppData\Local\recently-used.xbel 2014-06-05 20:16 - 2014-06-05 20:16 - 000000017 _____ () C:\Users\Magda\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2020-08-25 10:22 ==================== Koniec FRST.txt ========================