Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 06-12-2024
Uruchomiony przez Trox1 (administrator) DESKTOP-31ECACE (Micro-Star International Co., Ltd. MS-7D20) (11-12-2024 01:51:36)
Uruchomiony z C:\Users\Trox1\Downloads\FRST64.exe
Załadowane profile: Trox1
Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.5131 (X64) Język: Polski (Polska)
Domyślna przeglądarka: FF
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) X:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) X:\Steam\steam.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <17>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_2e01d57d451be19f\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) X:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af49968a824c7864\RtkAudUService64.exe <2>
(services.exe ->) (Software Solutions 365 LLC -> Chemtable Software) C:\Program Files\Autorun Organizer\StartupCheckingService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Software Solutions 365 LLC -> Chemtable Software) C:\Program Files\Autorun Organizer\AutorunOrganizer.exe
(X:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) X:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af49968a824c7864\RtkAudUService64.exe [1964344 2024-01-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [EnableCloudClipboard] 0
HKLM\Software\Policies\...\system: [CloudClipboardAutomaticUpload] 0
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKU\S-1-5-21-341270625-1260217082-2546570628-1001\...\Run: [Steam] => X:\Steam\steam.exe [4412512 2024-12-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-341270625-1260217082-2546570628-1001\...\Run: [Opera Stable] => C:\Users\Trox1\AppData\Local\Programs\Opera\opera.exe [1573784 2024-12-02] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-341270625-1260217082-2546570628-1001\...\Run: [Opera Browser Assistant] => C:\Users\Trox1\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4146080 2024-09-25] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-341270625-1260217082-2546570628-1001\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [671808 2024-12-01] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-341270625-1260217082-2546570628-1001\...\Run: [MicrosoftEdgeAutoLaunch_67622174CEDE5862CF65A4E487FF4AE5] => "X:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-12-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-341270625-1260217082-2546570628-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "X:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-12-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-341270625-1260217082-2546570628-500\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Brak pliku)
HKU\S-1-5-21-341270625-1260217082-2546570628-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Brak pliku)
HKU\S-1-5-18\...\Run: [MicrosoftEdgeAutoLaunch_C6EE5548444729AAC4173FA37368278E] => "X:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-12-05] (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {C855EE89-FFA8-488A-9C0C-9DF5518B1EE8} - System32\Tasks\Autorun Organizer => C:\Program Files\Autorun Organizer\AutorunOrganizer.exe [22331128 2024-03-17] (Software Solutions 365 LLC -> Chemtable Software)
Task: {5AAA8C89-F879-4A2C-8C86-1D35C2866FCE} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe [855664 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
Task: {A35A8BE5-05F6-4624-A15A-15255755B3CA} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => X:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4916640 2024-04-15] (Intel Corporation -> Intel Corporation)
Task: {DC2389CD-9068-4A21-9746-869B56BE64FE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => X:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4916640 2024-04-15] (Intel Corporation -> Intel Corporation)
Task: {45E3E1C4-6947-4A27-9D94-B69A25992DE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0720D858-53F7-4094-BA45-9F608927EA04} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B4595316-4EBD-4EAC-A988-D07E40C547D2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4FB4731F-F7C5-4527-9171-C5A2A70A66F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {971549D6-C028-4656-AE50-C77007519152} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-341270625-1260217082-2546570628-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-12-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (dane wartości zawierają 6 znaków więcej).
Task: {539A8250-4F8A-4169-A8D5-83307B1AE2A6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-12-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {5F263088-A906-4DBF-B830-A8BADB221A10} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => X:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> X:\Program Files\NVIDIA Corporation\NvContainer\-d "X:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A025C611-1F42-432E-8B3C-B69149A80084} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => X:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {542BAAF5-72C0-42CF-BF0F-E235B5EA7E62} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {1FCD710A-B805-475A-8742-45B4E0629A58} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => X:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2483E7F-AA1C-4787-A515-B270438893C2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => X:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {85D7E178-BFA4-4ED1-BE2B-8F545A03CC0A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => X:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5FDB646B-D91E-4035-B4B4-996BCD48F71E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => X:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {960F6333-7AC7-4169-A036-470448278716} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => X:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AD8E2D04-FEB6-4F0B-85AB-7B8F2BD6880A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => X:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE53143C-0320-4759-B793-A33F319C9D92} - System32\Tasks\Opera scheduled assistant Autoupdate 1719299779 => C:\Users\Trox1\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-11-28] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\Trox1\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {75DD3B9A-176C-4CA2-8289-4A033E488A5A} - System32\Tasks\Opera scheduled Autoupdate 1719299773 => C:\Users\Trox1\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-11-28] (Opera Norway AS -> Opera Software)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.231.95
Tcpip\..\Interfaces\{86c42b66-0177-4e46-bd31-973f2773372a}: [DhcpNameServer] 192.168.231.95

Edge:
=======
Edge Profile: C:\Users\Trox1\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-11]
Edge Extension: (Dokumenty Google offline) - C:\Users\Trox1\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Trox1\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-24]

FireFox:
========
FF DefaultProfile: 5afuweyz.default
FF ProfilePath: C:\Users\Trox1\AppData\Roaming\Mozilla\Firefox\Profiles\5afuweyz.default [2024-03-24]
FF ProfilePath: C:\Users\Trox1\AppData\Roaming\Mozilla\Firefox\Profiles\4wb7or85.default-release [2024-12-11]
FF Session Restore: Mozilla\Firefox\Profiles\4wb7or85.default-release -> [funkcja włączona]
FF Extension: (Ghostery Bloker Trackerów i Reklam - Prywatność AdBlock) - C:\Users\Trox1\AppData\Roaming\Mozilla\Firefox\Profiles\4wb7or85.default-release\Extensions\firefox@ghostery.com.xpi [2024-12-02]
FF Extension: (Privacy Badger) - C:\Users\Trox1\AppData\Roaming\Mozilla\Firefox\Profiles\4wb7or85.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2024-07-23]
FF Extension: (AdBlocker for YouTube™) - C:\Users\Trox1\AppData\Roaming\Mozilla\Firefox\Profiles\4wb7or85.default-release\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2024-08-13]
FF Extension: (Dark Background and Light Text) - C:\Users\Trox1\AppData\Roaming\Mozilla\Firefox\Profiles\4wb7or85.default-release\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2024-11-13]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Trox1\AppData\Roaming\Mozilla\Firefox\Profiles\4wb7or85.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2024-10-30]
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
StartMenuInternet: Firefox-308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe

Opera:
=======
OPR DefaultProfile: Default

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15737128 2024-04-30] (BattlEye Innovations e.K. -> )
R2 Chemtable Startup Checking; C:\Program Files\Autorun Organizer\StartupCheckingService.exe [12125648 2024-03-17] (Software Solutions 365 LLC -> Chemtable Software)
S3 FvSvc; X:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [1081896 2024-06-11] (NVIDIA Corporation -> NVIDIA)
S3 Intel(R) SUR QC SAM; X:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4916640 2024-04-15] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9433496 2024-12-08] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftEdgeElevationService; X:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.86\elevation_service.exe [1819200 2024-12-05] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; X:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_2e01d57d451be19f\Display.NvContainer\NVDisplay.Container.exe [1275008 2024-07-31] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; X:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5084200 2024-05-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S4 uhssvc; X:\Program Files\Microsoft Update Health Tools\uhssvc.exe [370560 2023-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 VBoxSDS; X:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [807352 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WMPNetworkSvc; X:\Program Files\Windows Media Player\wmpnetwk.exe [956416 2023-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12901208 2024-11-01] (KRAFTON, Inc. -> KRAFTON, Inc)
S2 SpybotAntiBeaconInterceptor; C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\x64\Spybot3AntiBeaconService.exe --run [X]

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-19] (Intel Corporation -> Intel Corporation)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [232024 2024-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-03-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsle1d05bff; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FF9B4AC3-8CC2-4C27-9749-AB232A0BBDCC}\MpKslDrv.sys [267552 2024-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [48800 2022-02-23] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [254664 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [265536 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1064064 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-28] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [215864 2024-05-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2024-12-11 01:51 - 2024-12-11 01:52 - 000022329 _____ C:\Users\Trox1\Downloads\FRST.txt
2024-12-11 01:51 - 2024-12-11 01:51 - 000000000 ____D C:\FRST
2024-12-11 01:48 - 2024-12-11 01:48 - 002402304 _____ (Farbar) C:\Users\Trox1\Downloads\FRST64.exe
2024-12-11 01:44 - 2024-12-11 01:44 - 000001440 _____ C:\Users\Trox1\Desktop\Malwarebytes Raport 2024-12-11 003822.txt
2024-12-09 09:44 - 2024-12-09 09:44 - 000000000 ____D C:\Users\Trox1\AppData\Roaming\Radmin
2024-12-09 09:40 - 2024-12-09 09:40 - 000000085 _____ C:\Windows\wininit.ini
2024-12-08 11:10 - 2024-12-08 11:10 - 000000000 ____D C:\Windows\system32\Tasks\WPD
2024-12-08 11:10 - 2024-12-08 11:10 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2024-12-08 11:10 - 2024-12-08 11:10 - 000000000 ____D C:\Windows\system32\Tasks\COMODO
2024-12-07 11:52 - 2024-12-07 18:28 - 000000000 ____D C:\Users\Trox1\Downloads\AutoLogger
2024-12-07 11:51 - 2024-12-07 11:51 - 018751448 _____ C:\Users\Trox1\Downloads\AutoLogger.zip
2024-12-07 11:51 - 2024-12-06 04:40 - 018919144 _____ (Company © regist & Drongo) C:\Users\Trox1\Downloads\AutoLogger.exe
2024-12-07 11:16 - 2024-12-07 11:16 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2024-12-07 11:15 - 2024-12-09 09:40 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2024-12-07 11:14 - 2024-12-07 11:14 - 000388608 _____ (Trend Micro Inc.) C:\Users\Trox1\Downloads\HijackThis.exe
2024-12-07 10:42 - 2024-12-07 10:42 - 000000188 _____ C:\Users\Trox1\advanced_port_scanner_MAC.bin
2024-12-07 10:42 - 2024-12-07 10:42 - 000000015 _____ C:\Users\Trox1\advanced_port_scanner_Comments.bin
2024-12-07 10:42 - 2024-12-07 10:42 - 000000015 _____ C:\Users\Trox1\advanced_port_scanner_Aliases.bin
2024-12-07 10:30 - 2024-12-07 10:30 - 000000000 ____D C:\Users\Trox1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Radmin Viewer 3
2024-12-07 10:30 - 2024-12-07 10:30 - 000000000 ____D C:\Users\Trox1\AppData\Local\famatech
2024-11-19 17:35 - 2024-11-19 17:35 - 000000000 ___HD C:\$WinREAgent

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2024-12-11 01:52 - 2024-03-24 13:59 - 000000000 ____D C:\Users\Trox1\AppData\Local\Malwarebytes
2024-12-11 01:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-11 01:28 - 2024-03-24 13:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-11 01:27 - 2024-03-24 13:47 - 000000000 ____D C:\ProgramData\NVIDIA
2024-12-10 16:57 - 2024-03-24 13:39 - 001768984 _____ C:\Windows\system32\PerfStringBackup.INI
2024-12-10 16:57 - 2019-12-07 16:09 - 000784578 _____ C:\Windows\system32\perfh015.dat
2024-12-10 16:57 - 2019-12-07 16:09 - 000152474 _____ C:\Windows\system32\perfc015.dat
2024-12-10 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-12-10 16:57 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-12-10 16:56 - 2024-03-24 14:37 - 000004224 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{1E450457-458F-47AB-A38A-DF7E6A5D5CC9}
2024-12-09 20:43 - 2024-03-24 13:34 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-12-09 09:40 - 2024-03-24 13:34 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-09 09:40 - 2024-03-24 13:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-12-09 09:40 - 2023-12-04 03:46 - 000000000 ____D C:\Windows\SystemTemp
2024-12-09 09:40 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-12-08 11:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-12-07 11:16 - 2024-03-24 13:41 - 000000000 ____D C:\Users\Trox1\AppData\Local\VirtualStore
2024-12-07 10:52 - 2024-03-24 13:34 - 000001526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-07 10:42 - 2024-03-24 13:40 - 000000000 ____D C:\Users\Trox1
2024-12-05 20:21 - 2024-03-24 13:43 - 000000000 ____D C:\Users\Trox1\AppData\Local\ElevatedDiagnostics
2024-12-02 16:57 - 2024-06-25 08:16 - 000004308 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1719299773
2024-12-02 16:57 - 2024-06-25 08:16 - 000001386 _____ C:\Users\Trox1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
2024-12-02 16:10 - 2024-03-24 13:41 - 000000000 ____D C:\Users\Trox1\AppData\Local\Packages
2024-12-01 12:48 - 2024-03-24 13:47 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-12-01 12:48 - 2024-03-24 13:47 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-11-30 23:50 - 2024-03-24 13:34 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-30 23:50 - 2024-03-24 13:34 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-23 22:37 - 2024-03-25 12:43 - 000000000 ____D C:\Users\Trox1\AppData\Roaming\Code
2024-11-23 22:04 - 2024-10-31 10:52 - 000000000 ____D C:\Users\Trox1\AppData\Roaming\StardewValley
2024-11-22 19:03 - 2024-03-24 13:34 - 000260256 _____ C:\Windows\system32\FNTCACHE.DAT
2024-11-22 19:02 - 2024-03-24 18:30 - 000000000 ____D X:\Program Files\Windows Defender Advanced Threat Protection
2024-11-22 19:02 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-11-22 19:02 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-11-22 19:02 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-11-22 19:02 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-11-22 19:02 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-22 19:02 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-11-22 19:02 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2024-11-22 19:02 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-11-22 19:02 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-11-22 19:02 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2024-11-22 19:02 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-11-20 18:35 - 2024-03-28 08:50 - 000000000 ____D C:\Windows\system32\MRT
2024-11-19 17:40 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-11-19 17:38 - 2024-03-24 13:36 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-11-19 17:33 - 2024-03-28 08:50 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================