Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 26-04-2023
- Uruchomiony przez a (administrator) DESKTOP-CT30JL7 (ASUSTeK COMPUTER INC. X555LJ) (27-04-2023 15:02:55)
- Uruchomiony z C:\Users\a\Desktop\FRST64.exe
- Załadowane profile: a
- Platforma: Microsoft Windows 10 Home Wersja 1803 17134.1304 (X64) Język: Polski (Polska)
- Domyślna przeglądarka: Edge
- Tryb startu: Normal
- ==================== Procesy (filtrowane) =================
- (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
- (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
- (C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
- (C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
- (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
- (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
- (explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
- (Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
- (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
- (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
- (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
- (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
- (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
- (services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
- (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
- (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
- (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
- (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
- (services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
- (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
- (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
- (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
- (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
- (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
- (svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- ==================== Rejestr (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
- HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
- HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation -> NVIDIA Corporation)
- HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe******************************* (Brak pliku)
- HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA
- HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA
- HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA
- HKU\S-1-5-21-2616163263-938917232-1281003035-1001\...\Run: [Discord] => C:\Users\a\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
- HKU\S-1-5-21-2616163263-938917232-1281003035-1001\...\Run: [Opera Browser Assistant] => C:\Users\a\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
- HKU\S-1-5-21-2616163263-938917232-1281003035-1001\...\Run: [Microsoft Edge Update] => C:\Users\a\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\MicrosoftEdgeUpdateCore.exe [263584 2023-04-04] (Microsoft Corporation -> Microsoft Corporation)
- HKU\S-1-5-21-2616163263-938917232-1281003035-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412472 2023-04-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
- HKU\S-1-5-21-2616163263-938917232-1281003035-1001\...\MountPoints2: {6673fff0-898c-11ea-a779-80a5898bb4ba} - "F:\HiSuiteDownLoader.exe"
- HKU\S-1-5-21-2616163263-938917232-1281003035-1001\...\MountPoints2: {77347ec5-8ee6-11e9-a727-806e6f6e6963} - "E:\exhibcdloader.exe"
- HKLM\...\Print\Monitors\IppMon: C:\Windows\system32\IPPMon.dll [251392 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
- HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\112.0.5615.138\Installer\chrmstp.exe [2023-04-27] (Google LLC -> Google LLC)
- HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
- ==================== Zaplanowane zadania (filtrowane) ============
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- Task: {237F0F77-6AF3-46FB-A185-4EFC089F89B8} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [989864 2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
- Task: {338AA422-D7B5-4C36-800F-E943A7EFBCAC} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe (Brak pliku)
- Task: {4F0080A3-4D9C-487A-8282-69870F8B1646} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
- Task: {65012010-7C4F-4608-BA8C-4B08396FC8F2} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2616163263-938917232-1281003035-1001UA{B96977C0-FB6B-4EEF-A4B4-C7E590B57BD0} => C:\Users\a\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206264 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
- Task: {79E79E89-5CE6-4A92-B3F0-7657B5627FC2} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2616163263-938917232-1281003035-1001Core{78BD8983-A3F0-49C9-8B11-910E4628A795} => C:\Users\a\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206264 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
- Task: {8860A5BE-D63F-4090-82E2-86EBDE7D1871} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [505200 2015-05-29] (Dropbox, Inc -> )
- Task: {98B37638-7BA1-46F5-B44B-61808B7436FF} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617856 2021-09-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
- Task: {9A05F3E6-4AFA-49D4-AE73-1F91E4EFFA6A} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [427880 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
- Task: {9FCE9348-5420-48B4-8583-60D06A5B10F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-06] (Google LLC -> Google LLC)
- Task: {A439AB6F-104F-42A4-A4D4-9E4B43D0BF1D} - System32\Tasks\CCleanerSkipUAC - a => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
- Task: {AA98DF0A-13CB-46EF-8E6A-E34E1BF4A704} - System32\Tasks\WpsNotifyTask_a => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [461160 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
- Task: {AB729D5A-2BB6-4458-B549-001D9DC35939} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-08-17] (ASUSTeK Computer Inc. -> AsusTek)
- Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Brak podpisu cyfrowego]
- Task: {B704162C-0254-424A-9E3A-4784085880F1} - System32\Tasks\Opera scheduled Autoupdate 1561734929 => C:\Users\a\AppData\Local\Programs\Opera\launcher.exe [2256592 2022-01-12] (Opera Software AS -> Opera Software)
- Task: {B7647AB2-D10E-4579-A6EA-322A40F5ABE3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "ff4b4a68-1f5b-4463-ba41-722165e721a1" --version "6.11.10435" --silent
- Task: {C43C9081-5BB8-457A-A1DB-77474A7D8E2B} - System32\Tasks\ASUS HotfixChecker => C:\Program Files (x86)\ASUS\HotfixChecker\HotfixChecker.exe [151352 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
- Task: {CC183687-9664-468A-BA33-C54457C08C04} - System32\Tasks\WpsUpdateTask_a => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [427880 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
- Task: {D4DE315A-5804-4EA7-B1E2-9EB1226F4C23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-06] (Google LLC -> Google LLC)
- Task: {E387C1C5-6FBA-47EC-AB43-C474DE3FE71F} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617856 2021-09-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
- Task: {EDBAABD7-8BEF-4959-A247-729CE1F49D81} - System32\Tasks\Opera scheduled assistant Autoupdate 1579870250 => C:\Users\a\AppData\Local\Programs\Opera\launcher.exe [2256592 2022-01-12] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\a\AppData\Local\Programs\Opera\assistant" $(Arg0)
- Task: {F3F4D75D-27FA-451C-9E4B-79D3C17396D3} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [461160 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
- (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
- Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
- Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
- Task: C:\Windows\Tasks\WpsNotifyTask_a.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
- Task: C:\Windows\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
- Task: C:\Windows\Tasks\WpsUpdateTask_a.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
- Task: C:\Windows\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
- ==================== Internet (filtrowane) ====================
- (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
- Tcpip\Parameters: [DhcpNameServer] 213.144.235.1 213.144.235.2
- Tcpip\..\Interfaces\{0a32e037-40b9-4108-b06f-6fa7f0bc2e66}: [DhcpNameServer] 213.144.235.1 213.144.235.2
- Tcpip\..\Interfaces\{3187f034-ca08-44ad-867f-c7258ecfbaae}: [DhcpNameServer] 84.116.46.23 84.116.46.22
- Tcpip\..\Interfaces\{eba89abc-1c98-401c-855b-992e4dd1da16}: [DhcpNameServer] 192.168.56.1
- FireFox:
- ========
- FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
- FF Extension: (Brak nazwy) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-10-04] [Brak podpisu cyfrowego]
- FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
- FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
- FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
- FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
- Chrome:
- =======
- CHR Profile: C:\Users\a\AppData\Local\Google\Chrome\User Data\Default [2023-04-27]
- CHR DownloadDir: C:\Users\a\Desktop
- CHR DefaultSearchURL: Default -> hxxps://pl.search.yahoo.com/search?fr=mcafee_uninternational&type=E211PL885G0&p={searchTerms}
- CHR DefaultSearchKeyword: Default -> mcafee
- CHR Extension: (McAfee® WebAdvisor) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-04-26]
- CHR Extension: (Dokumenty Google offline) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-26]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-05]
- CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
- CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
- Opera:
- =======
- OPR Profile: C:\Users\a\AppData\Roaming\Opera Software\Opera Stable [2023-04-27]
- OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
- OPR Extension: (Rich Hints Agent) - C:\Users\a\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-01-28]
- OPR Extension: (Amazon Assistant Promotion) - C:\Users\a\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-08]
- ==================== Usługi (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
- S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent)
- S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Brak podpisu cyfrowego]
- S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Brak podpisu cyfrowego]
- S4 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
- R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9245528 2023-04-27] (Malwarebytes Inc. -> Malwarebytes)
- S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [973040 2021-10-08] (McAfee, LLC -> McAfee, LLC)
- S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
- S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
- ===================== Sterowniki (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
- R3 AsusTP; C:\Windows\System32\drivers\AsusTP.sys [102144 2019-08-19] (ASUSTek Computer Inc. -> ASUS Corporation)
- S3 cdrombus; C:\Windows\System32\Drivers\cdrombus.sys [25088 2012-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
- S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
- S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-05-07] (Disc Soft Ltd -> Disc Soft Ltd)
- S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-05-07] (Disc Soft Ltd -> Disc Soft Ltd)
- R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
- R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
- S3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
- S3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
- R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
- S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-04-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
- R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198584 2023-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
- R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77736 2023-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
- R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
- R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181816 2023-04-27] (Malwarebytes Inc. -> Malwarebytes)
- S3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
- S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
- S3 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2023-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
- S3 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [497920 2023-04-12] (Microsoft Windows -> Microsoft Corporation)
- S3 wdm_usb; C:\Windows\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
- S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-12] (Microsoft Windows -> Microsoft Corporation)
- ==================== NetSvcs (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ==================== Jeden miesiąc (utworzone) (filtrowane) =========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2023-04-27 15:02 - 2023-04-27 15:04 - 000020590 _____ C:\Users\a\Desktop\FRST.txt
- 2023-04-27 14:56 - 2023-04-27 14:56 - 000000000 ____D C:\ProgramData\Piriform
- 2023-04-27 14:53 - 2023-04-27 14:53 - 000181816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
- 2023-04-27 14:53 - 2023-04-27 14:53 - 000000000 ____D C:\Windows\LastGood
- 2023-04-27 14:53 - 2023-04-27 14:53 - 000000000 ____D C:\Users\a\AppData\LocalLow\IGDump
- 2023-04-27 14:46 - 2023-04-27 14:46 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
- 2023-04-27 14:30 - 2023-04-27 14:30 - 000000000 ____D C:\Windows\system32\DAX3
- 2023-04-27 14:29 - 2023-04-27 14:46 - 000000000 ____D C:\Windows\LastGood.Tmp
- 2023-04-27 14:23 - 2023-04-27 14:53 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
- 2023-04-27 14:23 - 2023-04-27 14:23 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
- 2023-04-27 14:23 - 2023-04-27 14:23 - 000003474 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
- 2023-04-27 14:23 - 2023-04-27 14:23 - 000002888 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - a
- 2023-04-27 14:23 - 2023-04-27 14:23 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
- 2023-04-27 14:23 - 2023-04-27 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
- 2023-04-27 14:22 - 2023-04-27 14:56 - 000000000 ____D C:\Program Files\CCleaner
- 2023-04-27 14:18 - 2023-04-27 14:18 - 000000000 ___HD C:\$WINDOWS.~BT
- 2023-04-27 14:14 - 2023-04-27 15:03 - 000000000 ____D C:\FRST
- 2023-04-27 14:02 - 2023-04-27 14:55 - 000000000 ____D C:\Users\a\AppData\Local\Malwarebytes
- 2023-04-27 14:02 - 2023-04-27 14:02 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
- 2023-04-27 14:02 - 2023-04-27 14:02 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
- 2023-04-27 14:02 - 2023-04-27 14:02 - 000000000 ____D C:\Users\a\AppData\Local\mbam
- 2023-04-27 13:58 - 2023-04-27 13:58 - 000000000 ____D C:\ProgramData\Malwarebytes
- 2023-04-27 13:58 - 2023-04-27 13:58 - 000000000 ____D C:\Program Files\Malwarebytes
- 2023-04-27 13:57 - 2023-04-27 13:57 - 000000000 ___HD C:\OneDriveTemp
- 2023-04-27 13:57 - 2023-04-27 13:53 - 002382336 _____ (Farbar) C:\Users\a\Desktop\FRST64.exe
- 2023-04-27 13:45 - 2023-04-27 13:45 - 000000000 ___HD C:\$WinREAgent
- 2023-04-27 13:03 - 2023-04-27 13:04 - 000000000 ____D C:\KRD2018_Data
- 2023-04-26 20:46 - 2023-04-26 20:46 - 363266048 _____ C:\Users\a\Downloads\krd.iso.ad5gi9x.partial
- 2023-04-26 18:49 - 2023-04-26 18:49 - 012567188 _____ (ImageWriter Developers ) C:\Users\a\Desktop\Niepotwierdzony 362627.crdownload
- 2023-04-26 18:47 - 2023-04-26 18:47 - 002649088 _____ (Malwarebytes) C:\Users\a\Desktop\Niepotwierdzony 674744.crdownload
- 2023-04-26 18:40 - 2023-04-26 18:40 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
- 2023-04-26 17:07 - 2023-04-26 17:07 - 000000000 ____D C:\Windows\pss
- 2023-04-19 20:14 - 2023-04-19 20:14 - 000000977 _____ C:\Users\Public\Desktop\League of Legends.lnk
- 2023-04-19 20:14 - 2023-04-19 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
- 2023-04-19 20:13 - 2023-04-19 20:13 - 000000000 ____D C:\Riot Games
- 2023-04-19 19:14 - 2023-04-19 19:14 - 000000751 _____ C:\Users\a\Downloads\Obiekty 3D — skrót.lnk
- 2023-04-19 18:40 - 2023-04-19 18:40 - 000000000 ____D C:\Users\a\AppData\LocalLow\Evernote
- 2023-04-19 18:40 - 2023-04-19 18:40 - 000000000 ____D C:\Users\a\AppData\Local\Evernote
- 2023-03-31 18:35 - 2023-04-27 13:57 - 000002413 _____ C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
- ==================== Jeden miesiąc (zmodyfikowane) ==================
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2023-04-27 15:02 - 2019-06-14 22:34 - 000000000 ___RD C:\Users\a\OneDrive
- 2023-04-27 15:01 - 2019-06-25 15:49 - 000002526 _____ C:\Windows\system32\Tasks\ASUS HotfixChecker
- 2023-04-27 14:59 - 2020-10-06 16:53 - 000001701 _____ C:\Users\Public\Desktop\Recuva.lnk
- 2023-04-27 14:59 - 2020-10-06 16:52 - 000000000 ____D C:\Program Files\Recuva
- 2023-04-27 14:59 - 2019-06-14 17:42 - 000785228 _____ C:\Windows\system32\perfh015.dat
- 2023-04-27 14:59 - 2019-06-14 17:42 - 000152338 _____ C:\Windows\system32\perfc015.dat
- 2023-04-27 14:59 - 2019-06-14 17:32 - 000000000 ____D C:\Windows\INF
- 2023-04-27 14:59 - 2015-08-15 07:21 - 001763508 _____ C:\Windows\system32\PerfStringBackup.INI
- 2023-04-27 14:57 - 2022-12-11 04:21 - 000002928 _____ C:\Windows\system32\Tasks\WpsUpdateTask_a
- 2023-04-27 14:57 - 2022-12-11 04:21 - 000002928 _____ C:\Windows\system32\Tasks\WpsNotifyTask_a
- 2023-04-27 14:57 - 2022-12-11 04:21 - 000000400 _____ C:\Windows\Tasks\WpsUpdateTask_a.job
- 2023-04-27 14:57 - 2022-12-11 04:21 - 000000400 _____ C:\Windows\Tasks\WpsNotifyTask_a.job
- 2023-04-27 14:57 - 2021-10-17 17:51 - 000003794 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1579870250
- 2023-04-27 14:57 - 2019-12-20 14:45 - 000003590 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1561734929
- 2023-04-27 14:57 - 2019-06-14 22:24 - 000003066 _____ C:\Windows\system32\Tasks\WpsUpdateTask_Administrator
- 2023-04-27 14:57 - 2019-06-14 22:24 - 000003066 _____ C:\Windows\system32\Tasks\WpsNotifyTask_Administrator
- 2023-04-27 14:57 - 2015-08-15 07:30 - 000000424 _____ C:\Windows\Tasks\WpsUpdateTask_Administrator.job
- 2023-04-27 14:57 - 2015-08-15 07:30 - 000000424 _____ C:\Windows\Tasks\WpsNotifyTask_Administrator.job
- 2023-04-27 14:56 - 2020-10-06 16:50 - 000000000 ____D C:\Program Files (x86)\Google
- 2023-04-27 14:56 - 2019-06-14 17:34 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
- 2023-04-27 14:55 - 2019-06-14 22:33 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
- 2023-04-27 14:54 - 2019-06-14 22:31 - 000000000 __SHD C:\Users\a\IntelGraphicsProfiles
- 2023-04-27 14:53 - 2019-06-14 22:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT
- 2023-04-27 14:53 - 2019-06-14 21:59 - 000000000 ____D C:\ProgramData\NVIDIA
- 2023-04-27 14:53 - 2019-06-14 21:58 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
- 2023-04-27 14:52 - 2019-06-14 17:05 - 000786432 _____ C:\Windows\system32\config\BBI
- 2023-04-27 14:48 - 2019-06-14 21:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
- 2023-04-27 14:43 - 2019-06-14 21:54 - 000000000 ____D C:\Windows\system32\SleepStudy
- 2023-04-27 14:36 - 2019-06-14 21:58 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
- 2023-04-27 14:30 - 2019-06-14 22:24 - 000003260 _____ C:\Windows\system32\Tasks\RtHDVBg_ListenToDevice
- 2023-04-27 14:30 - 2019-06-14 22:24 - 000003216 _____ C:\Windows\system32\Tasks\RTKCPL
- 2023-04-27 14:30 - 2019-06-14 21:58 - 000000000 ____D C:\Windows\system32\DAX2
- 2023-04-27 14:29 - 2019-06-14 21:57 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
- 2023-04-27 14:26 - 2019-12-06 19:20 - 000000000 ____D C:\Users\a\AppData\Roaming\TS3Client
- 2023-04-27 14:25 - 2019-06-14 17:34 - 000000000 ____D C:\Windows\LiveKernelReports
- 2023-04-27 14:25 - 2019-06-14 17:04 - 000000000 ____D C:\Windows\Panther
- 2023-04-27 14:09 - 2019-06-14 22:31 - 000000000 ____D C:\Users\a\AppData\Local\Packages
- 2023-04-27 14:09 - 2019-06-14 17:34 - 000000000 ___HD C:\Program Files\WindowsApps
- 2023-04-27 14:08 - 2019-06-14 17:34 - 000000000 ____D C:\Windows\AppReadiness
- 2023-04-27 14:01 - 2019-06-14 17:34 - 000000000 ___HD C:\Windows\ELAMBKUP
- 2023-04-27 13:57 - 2021-12-13 20:34 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2616163263-938917232-1281003035-1001
- 2023-04-27 13:57 - 2019-06-18 13:45 - 000003370 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2616163263-938917232-1281003035-1001
- 2023-04-27 13:56 - 2019-06-14 22:25 - 000000000 ____D C:\ProgramData\ASUS
- 2023-04-27 13:48 - 2020-10-06 16:52 - 000002309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2023-04-27 13:48 - 2020-10-06 16:52 - 000002268 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2023-04-27 13:47 - 2022-04-02 16:43 - 000000000 ___HD C:\Users\a\Downloads\.opera
- 2023-04-27 13:47 - 2022-04-02 16:43 - 000000000 ___HD C:\Users\a\.opera
- 2023-04-27 13:38 - 2015-08-15 07:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
- 2023-04-27 13:38 - 2015-08-15 07:29 - 000000000 ____D C:\Program Files (x86)\ASUS
- 2023-04-27 13:37 - 2020-10-06 16:50 - 000003864 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
- 2023-04-27 13:37 - 2020-10-06 16:50 - 000003740 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
- 2023-04-27 13:29 - 2019-06-14 17:34 - 000000000 ____D C:\Windows\system32\NDF
- 2023-04-26 20:45 - 2019-06-14 17:16 - 000000000 ____D C:\Windows\CbsTemp
- 2023-04-26 20:42 - 2019-06-14 22:29 - 000000000 ____D C:\Users\a
- 2023-04-19 19:27 - 2019-06-25 16:10 - 000000000 ____D C:\Windows\system32\MRT
- 2023-04-19 18:48 - 2019-07-13 21:34 - 000000000 ____D C:\ProgramData\Riot Games
- 2023-04-12 17:50 - 2019-06-25 16:10 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
- 2023-04-12 17:48 - 2019-06-14 22:24 - 000000000 ____D C:\Windows\system32\Drivers\wd
- 2023-04-05 19:54 - 2019-06-14 17:34 - 000000000 ____D C:\Windows\registration
- 2023-04-05 19:51 - 2015-12-09 19:55 - 000380985 _____ C:\Windows\diagwrn.xml
- 2023-04-05 19:51 - 2015-12-09 19:55 - 000380985 _____ C:\Windows\diagerr.xml
- 2023-04-04 19:02 - 2022-12-14 22:47 - 000003894 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2616163263-938917232-1281003035-1001UA{B96977C0-FB6B-4EEF-A4B4-C7E590B57BD0}
- 2023-04-04 19:02 - 2022-12-14 22:47 - 000003822 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2616163263-938917232-1281003035-1001Core{78BD8983-A3F0-49C9-8B11-910E4628A795}
- ==================== SigCheck ============================
- (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
- ==================== Koniec FRST.txt ========================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement