Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-04-2022 Uruchomiony przez Robert (administrator) DESKTOP-6ABTJNR (06-05-2022 11:30:22) Uruchomiony z C:\Users\Robert\Downloads Załadowane profile: Robert Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.1645 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <20> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_c0e159863e7afdde\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0df2f655a6bd4669\RtkAudUService64.exe <2> (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0df2f655a6bd4669\RtkAudUService64.exe [3453864 2022-03-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [122427152 2021-07-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2229093526-2955841385-3410047047-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2635160 2022-05-04] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2229093526-2955841385-3410047047-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.54\Installer\chrmstp.exe [2022-05-05] (Google LLC -> Google LLC) IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {03150F0C-409F-4628-8BC6-4E1D191D5AB0} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.32\Installer\setup.exe [3206048 2022-04-30] (Microsoft Corporation -> Microsoft Corporation) Task: {2D5679CD-380B-4FC4-8EF6-9948FCE52558} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {38B4A698-F147-4396-AAF8-4957D56DD689} - System32\Tasks\GoogleUpdateTaskMachineCore{C52F3EDC-8742-4C85-AC21-F57A056A8FF2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-27] (Google LLC -> Google LLC) Task: {3B4B0B99-9AAB-4434-A525-543127FB589D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) Task: {44E37E59-9EBA-4814-A20F-B52E4AD3F599} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-04-29] (Microsoft Corporation -> Microsoft Corporation) Task: {519F1E62-6A99-42CD-B5D1-C49D4D4EB17C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) Task: {588636F4-6CAA-4037-8961-F5E6B071EA69} - System32\Tasks\GoogleUpdateTaskMachineUA{2171F149-D57D-46DC-8B6D-A7C5D85510BB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-27] (Google LLC -> Google LLC) Task: {77A1A730-6517-45C1-9A86-6064E27EFA37} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-04-17] (Microsoft Corporation -> Microsoft Corporation) Task: {83CEFF0C-78A4-4D0E-8296-DF41A7900198} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-04-29] (Microsoft Corporation -> Microsoft Corporation) Task: {8B1F8095-F2BB-485F-8724-1A464DFBD3F4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) Task: {9490BCE7-2592-4EBA-B4B2-8EBB11067121} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8376824 2022-04-29] (Microsoft Corporation -> Microsoft Corporation) Task: {A7A62D4C-1805-45EE-9FD1-26A210FC3D5F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8376824 2022-04-29] (Microsoft Corporation -> Microsoft Corporation) Task: {AC0EB7C5-9137-45AA-8E67-E1E5BE894508} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) Task: {B090672E-D61E-4097-B99E-AF12FB0F9C43} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) Task: {B40E6B0B-6235-48BE-9BEE-D60E4BC8D2BF} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200864 2022-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {CD9E1BD4-7895-445A-AD0D-879AC8F1BA33} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-04-29] (Microsoft Corporation -> Microsoft Corporation) Task: {D2FD1FBF-D65A-48C8-A97C-F837D52D2575} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2229093526-2955841385-3410047047-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200864 2022-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {D3A5407F-94A4-427D-8F71-E9312331CCBC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) Task: {E324456F-AAD4-4194-9B7E-4EEF76DC5971} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-04-17] (Microsoft Corporation -> Microsoft Corporation) Task: {E9C43D51-3C0A-4688-AFD8-2927125A1813} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) Task: {F080EF3F-16F0-46EA-8050-4F4370B0D800} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{4449e4c4-3c71-4dd2-b8d9-644c8967563e}: [DhcpNameServer] 192.168.8.1 Edge: ======= Edge Profile: C:\Users\Robert\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-13] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-04-14] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default [2022-05-06] CHR Extension: (BetterTTV) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2022-04-03] CHR Extension: (7TV) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2022-04-21] CHR Extension: (Alternate Player for Twitch.tv) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhplkbgoehhhddaoolmakpocnenplmhf [2022-03-27] CHR Extension: (uBlock Origin) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08] CHR Extension: (Dokumenty Google offline) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-21] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-27] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11758536 2022-04-17] (Microsoft Corporation -> Microsoft Corporation) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncHelper.exe [3399584 2022-05-04] (Microsoft Corporation -> Microsoft Corporation) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2022-02-15] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2022-02-15] (GOG Sp. z o.o. -> GOG.com) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8347832 2022-04-25] (Malwarebytes Inc -> Malwarebytes) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.077.0410.0007\OneDriveUpdaterService.exe [3847072 2022-05-04] (Microsoft Corporation -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-28] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-28] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_c0e159863e7afdde\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_c0e159863e7afdde\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 Driver; C:\Program Files (x86)\EVGA\Kernel\driver-x64.sys [39856 2022-02-07] (EVGA Corp. -> ) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [103888 2022-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-04-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193992 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [70072 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239560 2022-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [158856 2022-04-25] (Malwarebytes Inc -> Malwarebytes) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2022-03-17] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-03-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [439544 2022-03-28] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-28] (Microsoft Windows -> Microsoft Corporation) R3 WOVAD; C:\Windows\System32\drivers\womic.sys [51192 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-05-06 11:30 - 2022-05-06 11:30 - 002366976 _____ (Farbar) C:\Users\Robert\Downloads\FRST64.exe 2022-05-06 11:30 - 2022-05-06 11:30 - 000016756 _____ C:\Users\Robert\Downloads\FRST.txt 2022-05-06 11:26 - 2022-05-06 11:26 - 008551608 _____ (Malwarebytes) C:\Users\Robert\Downloads\adwcleaner.exe 2022-05-06 11:26 - 2022-05-06 11:26 - 000000000 ____D C:\AdwCleaner 2022-05-06 11:19 - 2022-05-06 11:19 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\9335C623.sys 2022-05-06 11:18 - 2022-05-06 11:26 - 000000000 ____D C:\Users\Robert\Desktop\mbar 2022-05-06 11:18 - 2022-05-06 11:26 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2022-05-06 11:17 - 2022-05-06 11:18 - 000304300 _____ C:\TDSSKiller.3.1.0.28_06.05.2022_11.17.35_log.txt 2022-05-06 11:14 - 2022-05-06 11:14 - 000000279 _____ C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kosz.lnk 2022-05-06 11:09 - 2022-05-06 11:09 - 000087501 _____ C:\Users\Robert\Downloads\Addition.txt 2022-05-06 11:09 - 2022-05-06 11:09 - 000042612 _____ C:\Users\Robert\Downloads\Shortcut.txt 2022-05-05 21:54 - 2022-05-05 21:54 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Alt Shift 2022-05-05 20:36 - 2022-05-05 20:36 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\LuckyHammers 2022-05-05 19:25 - 2022-05-05 19:25 - 000000347 _____ C:\Users\Robert\Desktop\Crying Suns.url 2022-05-05 19:23 - 2022-05-05 19:23 - 000000367 _____ C:\Users\Robert\Desktop\Terraforming Mars.url 2022-05-03 11:39 - 2022-05-03 11:39 - 000792109 _____ C:\Users\Robert\Downloads\wniosek_prosumenta.pdf 2022-04-30 17:11 - 2022-04-30 17:11 - 000000000 ____D C:\KVRT2020_Data 2022-04-28 09:25 - 2022-04-28 09:25 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime 2022-04-27 09:39 - 2022-04-27 09:39 - 000193992 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2022-04-27 09:39 - 2022-04-27 09:39 - 000070072 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2022-04-27 09:35 - 2022-05-06 11:30 - 000000000 ____D C:\FRST 2022-04-27 09:33 - 2022-04-27 09:33 - 000000000 ____D C:\Windows\ERUNT 2022-04-26 15:11 - 2022-04-26 15:11 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-04-26 15:11 - 2022-04-26 15:11 - 000000000 ____D C:\Program Files\PCHealthCheck 2022-04-25 15:40 - 2022-05-03 11:38 - 000239560 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2022-04-25 15:40 - 2022-04-25 15:40 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2022-04-25 15:40 - 2022-04-25 15:40 - 000158856 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2022-04-25 15:40 - 2022-04-25 15:40 - 000103888 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2022-04-25 15:40 - 2022-04-25 15:40 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2022-04-25 15:40 - 2022-04-25 15:40 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-04-25 15:39 - 2022-05-06 11:19 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-04-25 15:39 - 2022-04-25 15:39 - 000000000 ____D C:\Program Files\Malwarebytes 2022-04-23 14:45 - 2022-04-23 14:45 - 000001707 _____ C:\Users\Robert\Desktop\JWE2.release — skrót .lnk 2022-04-22 23:13 - 2022-04-22 23:13 - 000000000 ____D C:\Users\Robert\AppData\Local\Frontier Developments 2022-04-22 23:13 - 2022-04-22 23:13 - 000000000 ____D C:\Users\Robert\ansel 2022-04-22 23:13 - 2022-04-22 23:13 - 000000000 ____D C:\Users\Public\Documents\Steam 2022-04-22 23:13 - 2022-04-22 23:13 - 000000000 ____D C:\ProgramData\Frontier Developments 2022-04-17 16:00 - 2022-04-17 16:00 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Adi Zhavo 2022-04-17 13:42 - 2022-04-17 13:42 - 000000223 _____ C:\Users\Robert\Desktop\HomeWind.url 2022-04-17 13:42 - 2022-04-17 13:42 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2022-04-15 15:23 - 2022-04-15 15:23 - 005490166 _____ C:\Users\Robert\Documents\V70-XC70_owners_manual_MY11_PL_tp11764.pdf 2022-04-14 23:00 - 2022-04-25 15:40 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-04-14 10:03 - 2022-05-04 20:02 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-04-14 10:03 - 2022-04-15 10:18 - 000002373 _____ C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2022-04-14 10:03 - 2022-04-14 10:03 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Teams 2022-04-14 10:03 - 2022-04-14 10:03 - 000000000 ____D C:\Users\Robert\AppData\Local\SquirrelTemp 2022-04-14 00:18 - 2022-04-14 00:18 - 000001211 _____ C:\Users\Public\Desktop\GOG GALAXY.lnk 2022-04-14 00:18 - 2022-04-14 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2022-04-14 00:18 - 2022-04-14 00:18 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy 2022-04-14 00:17 - 2022-04-14 00:17 - 000000000 ____D C:\ProgramData\GOG.com 2022-04-13 17:48 - 2022-05-04 20:02 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2022-04-13 17:48 - 2022-05-04 20:02 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-04-13 17:48 - 2022-04-13 17:48 - 000019968 _____ C:\Windows\system32\SppExtComObjHook.dll 2022-04-13 17:48 - 2022-04-13 17:48 - 000000000 ___RD C:\Users\Default\OneDrive 2022-04-13 17:48 - 2022-04-13 17:48 - 000000000 ____D C:\Program Files (x86)\Teams Installer 2022-04-13 17:47 - 2022-04-29 10:09 - 000000000 ____D C:\Program Files\Microsoft Office 2022-04-13 17:47 - 2022-04-13 17:47 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2022-04-13 17:47 - 2022-04-13 17:47 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2022-04-13 17:47 - 2022-04-13 17:47 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2022-04-13 17:47 - 2022-04-13 17:47 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2022-04-13 17:47 - 2022-04-13 17:47 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2022-04-13 17:47 - 2022-04-13 17:47 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2022-04-13 17:47 - 2022-04-13 17:47 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2022-04-13 17:47 - 2022-04-13 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2022-04-13 17:47 - 2022-04-13 17:47 - 000000000 ____D C:\Program Files\Microsoft Office 15 2022-04-13 17:47 - 2022-04-13 17:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2022-04-13 16:13 - 2022-04-13 16:13 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2022-04-13 16:13 - 2022-04-13 16:13 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2022-04-13 16:13 - 2022-04-13 16:13 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2022-04-13 16:13 - 2022-04-13 16:13 - 000011803 _____ C:\Windows\system32\DrtmAuthTxt.wim 2022-04-13 16:10 - 2022-04-13 16:10 - 000000000 ___HD C:\$WinREAgent 2022-04-13 13:31 - 2022-04-13 13:31 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Temp 2022-04-13 09:00 - 2022-04-13 13:31 - 000000000 ____D C:\Users\Robert\Documents\Zoom 2022-04-13 09:00 - 2022-04-13 09:00 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Zoom 2022-04-13 09:00 - 2022-04-13 09:00 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2022-04-13 09:00 - 2022-04-13 09:00 - 000000000 ____D C:\Users\Robert\AppData\Local\Zoom 2022-04-13 08:52 - 2022-04-13 08:52 - 000000000 ____D C:\Users\Robert\.android 2022-04-13 08:48 - 2022-04-13 08:48 - 000001070 _____ C:\Users\Robert\Desktop\WO Mic Client.lnk 2022-04-13 08:48 - 2022-04-13 08:48 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WO Mic Client 2022-04-13 08:48 - 2022-04-13 08:48 - 000000000 ____D C:\Program Files (x86)\WOMic 2022-04-13 08:35 - 2022-04-13 08:35 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2022-04-11 18:10 - 2022-04-11 18:10 - 000001051 _____ C:\Users\Robert\Desktop\Warcraft III.lnk 2022-04-11 00:32 - 2022-04-27 09:32 - 000000000 ____D C:\Users\Robert\AppData\Local\CrashDumps ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-05-06 11:08 - 2022-03-27 16:55 - 000000000 ____D C:\Program Files (x86)\Google 2022-05-06 10:55 - 2022-03-29 19:24 - 143823848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-05-06 10:31 - 2019-12-07 09:05 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-05-06 09:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-05-05 23:45 - 2022-03-27 17:27 - 000000000 ____D C:\ProgramData\NVIDIA 2022-05-05 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2022-05-05 15:09 - 2022-03-27 16:55 - 000002276 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-05-05 15:09 - 2022-03-27 16:55 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-05-04 20:03 - 2022-03-27 16:36 - 001767980 _____ C:\Windows\system32\PerfStringBackup.INI 2022-05-04 20:03 - 2019-12-07 17:09 - 000784296 _____ C:\Windows\system32\perfh015.dat 2022-05-04 20:03 - 2019-12-07 17:09 - 000152192 _____ C:\Windows\system32\perfc015.dat 2022-05-04 20:03 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2022-05-04 20:02 - 2022-03-27 16:37 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2229093526-2955841385-3410047047-1001 2022-05-04 19:59 - 2019-12-07 09:05 - 000008192 ___SH C:\DumpStack.log.tmp 2022-05-04 19:59 - 2019-12-07 09:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-05-03 19:45 - 2022-04-05 11:10 - 000000000 ____D C:\Users\Robert\Desktop\Telegram 2022-05-03 14:44 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-04-30 13:46 - 2022-03-27 16:32 - 000004784 _____ C:\Windows\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask 2022-04-30 13:46 - 2019-12-07 09:05 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-04-30 13:46 - 2019-12-07 09:05 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-04-28 09:35 - 2022-03-27 18:39 - 000000000 ____D C:\Users\Robert\AppData\Local\ElevatedDiagnostics 2022-04-27 12:25 - 2022-03-27 17:42 - 000000000 ____D C:\Users\Robert\AppData\Local\NVIDIA Corporation 2022-04-27 09:38 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2022-04-27 09:31 - 2019-12-07 09:05 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-04-27 09:31 - 2019-12-07 09:05 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-04-26 22:41 - 2022-03-27 20:09 - 000000000 ____D C:\Users\Robert\AppData\Local\Battle.net 2022-04-26 22:41 - 2022-03-27 20:08 - 000000000 ____D C:\Program Files (x86)\Battle.net 2022-04-26 20:08 - 2022-03-27 19:51 - 000000851 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk 2022-04-25 15:40 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2022-04-25 15:29 - 2022-03-27 16:34 - 000000000 ____D C:\Users\Robert 2022-04-22 23:39 - 2022-03-27 17:58 - 000000000 ____D C:\Program Files (x86)\Steam 2022-04-22 23:13 - 2022-03-27 16:38 - 000000000 ____D C:\Users\Robert\AppData\Local\D3DSCache 2022-04-21 15:01 - 2022-03-27 16:55 - 000003646 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{2171F149-D57D-46DC-8B6D-A7C5D85510BB} 2022-04-21 15:01 - 2022-03-27 16:55 - 000003522 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{C52F3EDC-8742-4C85-AC21-F57A056A8FF2} 2022-04-14 01:10 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-04-14 01:10 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2022-04-14 01:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-04-14 01:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2022-04-14 01:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2022-04-14 01:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2022-04-14 01:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences 2022-04-14 01:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning 2022-04-14 01:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2022-04-14 01:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2022-04-14 01:10 - 2019-12-07 09:05 - 000445824 _____ C:\Windows\system32\FNTCACHE.DAT 2022-04-13 17:48 - 2022-03-27 16:36 - 000000000 ___RD C:\Users\Robert\OneDrive 2022-04-13 17:47 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-04-13 16:15 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2022-04-13 16:09 - 2022-03-29 19:24 - 000000000 ____D C:\Windows\system32\MRT 2022-04-07 16:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================