Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 31-10-2022
Uruchomiony przez grzesiek (administrator) GRZESIEKK (Gigabyte Technology Co., Ltd. P67A-D3-B3) (31-10-2022 10:45:33)
Uruchomiony z C:\Users\grzesiek\Downloads
Załadowane profile: grzesiek
Platform: Microsoft Windows 10 Home Wersja 21H2 19044.2130 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesPrismSync.exe
(explorer.exe ->) () [Brak podpisu cyfrowego] C:\Program Files\SPC Gear Viro Plus USB\CPL\XearAudioCenter_x64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe <9>
(RCS LT, UAB -> RCS LT) C:\Program Files (x86)\Combo Cleaner\ComboCleaner.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d67c20d727d4578c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (RCS LT, UAB -> RCS LT) C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe
(services.exe ->) (RCS LT, UAB -> RCS LT) C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1882168 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [12849016 2022-10-14] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [Cm108BSound] => C:\Program Files\SPC Gear Viro Plus USB\CPL\XearAudioCenter_x64.exe [2461664 2021-01-14] () [Brak podpisu cyfrowego]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Brak pliku)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Brak pliku)
HKU\S-1-5-21-2266348176-2007330528-3430456370-1000\...\Run: [Discord] => C:\Users\grzesiek\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2266348176-2007330528-3430456370-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2266348176-2007330528-3430456370-1000\...\Run: [Microsoft Edge Update] => C:\Users\grzesiek\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\MicrosoftEdgeUpdateCore.exe [256440 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.87\Installer\chrmstp.exe [2022-10-28] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0EC22872-C7D3-4BED-ABFD-44CCB13DCABB} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "f222afb2-7491-4ae9-8771-07f3014c0472" --version "6.04.10044" --silent
Task: {169D1EDD-6335-4D1E-B412-0705E8D45D5C} - System32\Tasks\GoogleUpdateTaskMachineCore{B54B7FE5-75B1-4B12-9EEA-D0A9188B7989} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-06] (Google LLC -> Google LLC)
Task: {17761C22-505D-42B8-A33C-4526F5FEDD94} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {1CA8EEFC-E7EA-48D2-9D58-F1E6A992FA77} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Brak pliku)
Task: {27FF92EC-D115-495F-BF59-CB08D1E261F0} - System32\Tasks\CCleanerSkipUAC - grzesiek => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {321BE45F-3C13-4BE2-B502-033D9B207AE4} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Brak pliku)
Task: {45B8257F-CCCD-4231-B77B-863A2C45DE8E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Brak pliku)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {58DBAAD8-1D08-4349-9F70-476694820E16} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Brak pliku)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {606F6BE3-53C7-4DE3-895D-3BCD6EA56D33} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {646C6AE3-3387-4DED-8D12-3B04978B484E} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {656669E6-AE1C-4048-A9A6-849BEBC7D76E} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Brak pliku)
Task: {7C4D0B7E-19F0-43BC-A1D8-F3CA9DC7F06E} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {7E48B437-DE37-4609-89BA-1AD1382B8415} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Brak pliku)
Task: {8309175A-0C48-40EC-9C0D-1E5D6D0A9004} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Brak pliku)
Task: {88F328F6-C15C-42C8-87C3-3B61AEC622D2} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {A5A587FE-1E54-4BCD-AD98-59FF2EE7804F} - System32\Tasks\GoogleUpdateTaskMachineUA{9C17FD94-7030-44FC-BF60-AAC8173B8C52} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-06] (Google LLC -> Google LLC)
Task: {AB843546-7814-4930-8B60-E54A6FCE9E5A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Brak pliku)
Task: {AC76A81E-1ACD-46C5-AA97-ACCE2214B6FD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Brak pliku)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B413021D-8292-411B-A77E-35E9F00CA043} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2266348176-2007330528-3430456370-1000Core => C:\Users\grzesiek\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B73B7B6A-60B4-4348-8F28-D8BDA3651AB7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Brak pliku)
Task: {C70CE95E-78DA-40F2-A6C9-CE5F00D069FC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Brak pliku)
Task: {C8FAF9FD-BD5B-427B-8B1F-F1B65AE861B5} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2266348176-2007330528-3430456370-1000UA => C:\Users\grzesiek\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9C51D02-1DE3-48D6-A39E-44A3CDD3BA4F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Brak pliku)
Task: {CC52076F-1895-4803-8279-929ECCFEB4B5} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Brak pliku)
Task: {CD7A14A8-721F-41E4-85EC-273E52D922D2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Brak pliku)
Task: {D1FBE795-8E07-400A-8013-9707464179BA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Brak pliku)
Task: {D35791A4-C80E-41D2-8FCF-A88630E356AE} - System32\Tasks\Opera GX scheduled Autoupdate 1666366313 => C:\Users\grzesiek\AppData\Local\Programs\Opera GX\launcher.exe [2471880 2022-10-18] (Opera Norway AS -> Opera Software)
Task: {D5AE219B-1C7A-4F6D-9AD1-CF7D291A9319} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Brak pliku)
Task: {DC434276-5723-4CD1-95C9-8A5CD3B30A63} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {E0A242E8-99E9-4789-B7F7-13F091076DBC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Brak pliku)
Task: {E115FD07-0C6C-49DF-BA7B-8999962DF484} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Brak pliku)
Task: {EBAC679B-A0AA-4C6D-8AC0-ACC3A27242FE} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {EBE4A20F-42B3-44B3-8D93-325F234FF1C8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Brak pliku)
Task: {F5ED50F1-1180-45B0-9048-F6143F774AC2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Brak pliku)
Task: {F61BFB03-DCB9-4E3E-8B47-932B65AF6B18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Brak pliku)
Task: {F95A89F1-3DFF-48AD-8ED7-DC48369E1BA3} - System32\Tasks\Updatit => C:\Users\grzesiek\AppData\Roaming\pluginy.js [83032 2022-06-21] () [Brak podpisu cyfrowego]

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{DB46D04A-833C-4531-B640-393B0B54B4D6}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\grzesiek\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-31]

FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego]

Chrome:
=======
CHR Profile: C:\Users\grzesiek\AppData\Local\Google\Chrome\User Data\Default [2022-10-31]
CHR Notifications: Default -> hxxps://sklep.ebilet.pl; hxxps://www.filmweb.pl
CHR StartupUrls: Default -> "hxxp://www.google.pl/","www.wp.pl/?src01=dp3","hxxps://www.google.pl/","hxxp://onet.pl/"
CHR Session Restore: Default -> [funkcja włączona]
CHR Extension: (alerabat.com | kupony i cashback) - C:\Users\grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacdinoicboceafielngnmjjplncljhj [2022-10-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-01]
CHR Extension: (Website Blocker (Beta)) - C:\Users\grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2020-05-06]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-17]
CHR Profile: C:\Users\grzesiek\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-06]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-2266348176-2007330528-3430456370-1000) Opera GXStable - "C:\Users\grzesiek\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-07] (BattlEye Innovations e.K. -> )
R3 ComboCleaner.Guard; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe [143488 2021-11-05] (RCS LT, UAB -> RCS LT)
R3 ComboCleaner.WinService; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe [151168 2021-11-05] (RCS LT, UAB -> RCS LT)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2022-04-02] (Malwarebytes Inc -> Malwarebytes)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35200 2022-10-14] (SteelSeries ApS -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d67c20d727d4578c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d67c20d727d4578c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 108B_VIRO_PLUS; C:\WINDOWS\System32\drivers\108B_VIRO_PLUS.sys [3677096 2021-02-01] (Microsoft Windows Hardware Compatibility Publisher -> CMedia Inc.)
R3 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2022-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-04-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2022-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-10-29] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2022-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-12-21] (SteelSeries ApS -> SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [43960 2022-08-17] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_5f23057de8eba7db\SteelSeries-Sonar-VAD.sys [92856 2022-09-21] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [455968 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; Brak ImagePath

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-10-31 10:45 - 2022-10-31 10:46 - 000020873 _____ C:\Users\grzesiek\Downloads\FRST.txt
2022-10-31 10:45 - 2022-10-31 10:46 - 000000000 ____D C:\FRST
2022-10-31 10:44 - 2022-10-31 10:44 - 002374144 _____ (Farbar) C:\Users\grzesiek\Downloads\FRST64.exe
2022-10-31 10:37 - 2022-10-31 10:37 - 000489752 _____ C:\Users\grzesiek\Downloads\Wniosek_KLĘSKI_pomoc_rodzinie_WWW (1).pdf
2022-10-31 10:20 - 2022-10-31 10:20 - 000489752 _____ C:\Users\grzesiek\Downloads\Wniosek_KLĘSKI_pomoc_rodzinie_WWW.pdf
2022-10-31 10:15 - 2022-10-31 10:15 - 000814312 _____ C:\Users\grzesiek\Desktop\Polisa.pdf
2022-10-31 10:14 - 2022-10-31 10:14 - 002154610 _____ C:\Users\grzesiek\Desktop\Scan31.10.2022101252.pdf
2022-10-31 09:47 - 2022-10-31 09:47 - 000001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Combo Cleaner.lnk
2022-10-31 09:47 - 2022-10-31 09:47 - 000001957 _____ C:\Users\Public\Desktop\Combo Cleaner.lnk
2022-10-31 09:47 - 2022-10-31 09:47 - 000000000 ____D C:\Users\grzesiek\AppData\Local\RCS_LT
2022-10-31 09:46 - 2022-10-31 09:53 - 000000000 ____D C:\Program Files (x86)\Combo Cleaner
2022-10-31 09:46 - 2022-10-31 09:46 - 003594016 _____ (RCS LT) C:\Users\grzesiek\Downloads\CCSetup.exe
2022-10-29 09:46 - 2022-10-31 09:27 - 000000000 ____D C:\Users\grzesiek\AppData\LocalLow\IGDump
2022-10-29 09:46 - 2022-10-29 09:46 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-29 09:46 - 2022-10-29 09:46 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-10-29 09:46 - 2022-10-29 09:46 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-10-29 09:46 - 2022-10-29 09:46 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-10-27 11:00 - 2022-10-27 11:00 - 000160318 _____ C:\Users\grzesiek\Downloads\mforys-krawiec-24102022102420-W2_notatki.pdf
2022-10-23 22:07 - 2022-10-23 22:07 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-10-21 16:32 - 2022-10-21 16:32 - 000000000 ____D C:\Users\grzesiek\AppData\Local\Opera Software
2022-10-21 16:31 - 2022-10-21 16:31 - 003529616 _____ (Opera Software) C:\Users\grzesiek\Downloads\OperaGXSetup.exe
2022-10-21 16:31 - 2022-10-21 16:31 - 000004248 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1666366313
2022-10-21 16:31 - 2022-10-21 16:31 - 000001480 _____ C:\Users\grzesiek\Desktop\Przeglądarka Opera GX.lnk
2022-10-21 16:31 - 2022-10-21 16:31 - 000001480 _____ C:\Users\grzesiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera GX.lnk
2022-10-21 16:31 - 2022-10-21 16:31 - 000000000 ____D C:\Users\grzesiek\AppData\Roaming\Opera Software
2022-10-19 20:31 - 2022-10-31 08:32 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-10-19 20:31 - 2022-10-31 08:32 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-10-19 20:14 - 2022-10-19 20:31 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-10-18 16:03 - 2022-10-18 16:03 - 000325610 _____ C:\Users\grzesiek\Downloads\CV - Grzegorz Wawrzeń (6).pdf
2022-10-18 15:04 - 2022-10-18 15:04 - 000325610 _____ C:\Users\grzesiek\Downloads\CV - Grzegorz Wawrzeń (5).pdf
2022-10-18 14:39 - 2022-10-18 14:39 - 000325804 _____ C:\Users\grzesiek\Downloads\CV - Grzegorz Wawrzeń (4).pdf
2022-10-18 14:35 - 2022-10-18 14:35 - 000325648 _____ C:\Users\grzesiek\Downloads\CV - Grzegorz Wawrzeń (3).pdf
2022-10-18 13:55 - 2022-10-18 13:55 - 000325449 _____ C:\Users\grzesiek\Downloads\CV - Grzegorz Wawrzeń (2).pdf
2022-10-18 13:24 - 2022-10-18 13:24 - 000308653 _____ C:\Users\grzesiek\Downloads\CV - Grzegorz Wawrzeń (1).pdf
2022-10-18 13:16 - 2022-10-18 13:16 - 000072290 _____ C:\Users\grzesiek\Downloads\Raport na temat umiejętności cyfrowych .pdf
2022-10-18 11:08 - 2022-10-18 11:08 - 000100758 _____ C:\Users\grzesiek\Downloads\CV - Grzegorz Wawrzeń.pdf
2022-10-18 09:02 - 2022-10-18 09:02 - 000111234 _____ C:\Users\grzesiek\Downloads\CV Grzegorz Wawrzeń (4).pdf
2022-10-13 18:54 - 2022-10-13 18:54 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-13 18:54 - 2022-10-13 18:54 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-13 18:54 - 2022-10-13 18:54 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-13 18:54 - 2022-10-13 18:54 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-13 18:54 - 2022-10-13 18:54 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-13 18:54 - 2022-10-13 18:54 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-13 18:53 - 2022-10-13 18:53 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-13 18:17 - 2022-10-13 18:17 - 000000000 ___HD C:\$WinREAgent
2022-10-12 20:30 - 2022-10-23 22:07 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-08 13:08 - 2022-10-08 13:08 - 002151423 _____ C:\Users\grzesiek\Downloads\kuzak-12102019190447-Narzedzia informatyki_I .ppsx
2022-10-03 10:48 - 2022-10-03 10:48 - 003319059 _____ C:\Users\grzesiek\Downloads\b8f4b5b2-bed3-46ec-8c26-0dc583270658Zarzadzenie Rektora_15_2021_2022 (1).pdf
2022-10-03 10:30 - 2022-10-03 10:30 - 003319059 _____ C:\Users\grzesiek\Downloads\b8f4b5b2-bed3-46ec-8c26-0dc583270658Zarzadzenie Rektora_15_2021_2022.pdf
2022-10-03 10:17 - 2022-10-03 10:17 - 000683672 _____ C:\Users\grzesiek\Downloads\podanie2 (2).pdf
2022-10-03 10:13 - 2022-10-03 10:13 - 000683672 _____ C:\Users\grzesiek\Downloads\podanie2 (1).pdf
2022-10-03 10:12 - 2022-10-03 10:12 - 000082505 _____ C:\Users\grzesiek\Downloads\Podanie (5).pdf
2022-10-03 10:12 - 2022-10-03 10:12 - 000082505 _____ C:\Users\grzesiek\Downloads\Podanie (4).pdf

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-10-31 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-31 10:22 - 2020-05-06 12:04 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-31 09:47 - 2021-04-08 19:21 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-31 08:45 - 2022-06-04 17:03 - 000000000 ____D C:\Users\grzesiek
2022-10-31 08:32 - 2020-05-06 12:28 - 000000000 ____D C:\Program Files\CCleaner
2022-10-31 08:31 - 2020-11-19 00:31 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-31 08:31 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-31 08:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-31 08:29 - 2020-05-06 12:17 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-30 01:41 - 2022-06-04 17:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-29 09:46 - 2022-04-02 11:31 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-29 09:44 - 2022-06-04 17:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-29 09:44 - 2021-03-24 18:10 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-28 22:18 - 2020-05-06 12:05 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-23 22:08 - 2022-08-02 18:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-22 13:56 - 2021-12-15 15:25 - 000000000 ____D C:\Users\grzesiek\AppData\Roaming\discord
2022-10-22 13:48 - 2021-12-15 15:23 - 000000000 ____D C:\Users\grzesiek\AppData\Local\Discord
2022-10-21 16:34 - 2021-03-24 18:32 - 000000000 ____D C:\Users\grzesiek\AppData\Local\D3DSCache
2022-10-20 20:27 - 2022-06-04 17:27 - 001921094 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-20 20:27 - 2019-12-07 16:08 - 000823204 _____ C:\WINDOWS\system32\perfh015.dat
2022-10-20 20:27 - 2019-12-07 16:08 - 000171222 _____ C:\WINDOWS\system32\perfc015.dat
2022-10-20 20:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-19 20:33 - 2020-05-06 18:30 - 000000000 ____D C:\ProgramData\SteelSeries
2022-10-19 20:28 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-19 20:26 - 2021-04-13 20:30 - 000000000 ____D C:\Users\grzesiek\AppData\Roaming\uTorrent
2022-10-19 20:15 - 2022-06-04 10:03 - 000000000 ___DC C:\WINDOWS\Panther
2022-10-19 20:15 - 2020-05-06 12:47 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-19 20:07 - 2022-04-02 11:27 - 000000000 ____D C:\Users\grzesiek\Desktop\Grzesiek
2022-10-19 19:51 - 2021-09-24 09:09 - 000000000 ____D C:\Users\grzesiek\AppData\Roaming\CodeBlocks
2022-10-15 18:42 - 2022-06-04 17:14 - 000435584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-15 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-15 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-15 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-15 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-15 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-15 18:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-15 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-15 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-15 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-14 23:17 - 2022-07-01 22:07 - 000003836 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2266348176-2007330528-3430456370-1000UA
2022-10-14 23:17 - 2022-07-01 22:07 - 000003778 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2266348176-2007330528-3430456370-1000Core
2022-10-14 09:14 - 2020-11-19 00:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-13 19:01 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-13 19:01 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-13 19:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-13 18:53 - 2022-06-04 17:17 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-13 03:17 - 2021-03-25 21:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-13 03:13 - 2021-03-25 21:07 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-12 20:10 - 2022-06-11 10:21 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 20:10 - 2022-06-11 10:21 - 000003472 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d8782f3bf1a67d

==================== Pliki w katalogu głównym wybranych folderów ========

2022-06-21 20:28 - 2022-06-21 20:28 - 000083032 _____ () C:\Users\grzesiek\AppData\Roaming\pluginy.js
2020-10-15 18:35 - 2020-10-15 18:35 - 000003335 _____ () C:\Users\grzesiek\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================