Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 26.02.2024 01 Uruchomiony przez Kasia (administrator) LAPTOP-3GPAM757 (HUAWEI KPL-W0X) (26-02-2024 14:33:56) Uruchomiony z C:\Users\Kasia\Downloads\FRST64 (1).exe Załadowane profile: Kasia Platforma: Microsoft Windows 10 Home Wersja 22H2 19045.4046 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6> (C:\Program Files\Huawei\HwOsd\OSDMainService.exe ->) (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] C:\Program Files\Huawei\HwOsd\OSDListener.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [Brak podpisu cyfrowego] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe (explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14> (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3989_none_7ddb45627cb30e03\TiWorker.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0333119.inf_amd64_281d0ca9ef2cf753\B333283\atiesrxx.exe (services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] C:\Program Files\Huawei\HwOsd\OSDMainService.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_82608b626ba1b8a0\RtkAudUService64.exe <3> (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.17231.20236.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_82608b626ba1b8a0\RtkAudUService64.exe [1203952 2020-11-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKU\S-1-5-21-862887151-3872513514-3679125287-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-01-15] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-862887151-3872513514-3679125287-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-862887151-3872513514-3679125287-1001\...\Run: [Discord] => C:\Users\Kasia\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-862887151-3872513514-3679125287-1001\...\Run: [Spotify] => C:\Users\Kasia\AppData\Roaming\Spotify\Spotify.exe [24049800 2021-06-20] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-862887151-3872513514-3679125287-1001\...\Run: [Chromium] => "c:\users\kasia\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session [4186112 2017-10-10] (The Chromium Authors) [Brak podpisu cyfrowego] HKU\S-1-5-21-862887151-3872513514-3679125287-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70920704 2024-02-09] (Riot Games, Inc. -> Riot Games, Inc.) HKU\S-1-5-21-862887151-3872513514-3679125287-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-01-15] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-862887151-3872513514-3679125287-1001\...\Run: [MicrosoftEdgeAutoLaunch_A79870606730BA64FE7C0152F4EB1332] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\121.0.6167.189\Installer\chrmstp.exe [2024-02-23] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {CF88A4C1-6C56-47DA-ABEE-FE3E5DDAFA2D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-11] (Adobe Inc. -> Adobe) Task: {40C6D035-E7DE-4B74-8BDE-768E6066C421} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-11] (Adobe Inc. -> Adobe) Task: {4E48DCAF-610D-4481-9DF8-16450F7E971B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.) Task: {01BB2C9C-5CBE-40AB-8EBF-485DD2217EF9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6315.0{306885A3-B291-46D0-90ED-7229E930A708} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== UWAGA Task: {B2037159-AD62-44E9-80F4-5CEAE4B22587} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C3B2F0E3-7505-4782-B164-A996726B1B45} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7EC0624E-301B-4BED-86EE-BC642538499F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {12CB5E30-AF96-4927-831C-D604BEFFA595} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3E56B5C4-5B39-44C6-BF96-EBAD8EE43288} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{20a7effe-7534-4ae5-adf1-1aa757161eb3}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{20a7effe-7534-4ae5-adf1-1aa757161eb3}\54455425E2E45445E205C4F534C6F6B6379613231343: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{20a7effe-7534-4ae5-adf1-1aa757161eb3}\845514755494D234543364: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{20a7effe-7534-4ae5-adf1-1aa757161eb3}\960586F6E6560282B427A79737A747F66692: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{20a7effe-7534-4ae5-adf1-1aa757161eb3}\A71626B616: [DhcpNameServer] 192.168.99.91 192.168.99.90 Tcpip\..\Interfaces\{20a7effe-7534-4ae5-adf1-1aa757161eb3}\A71626B616: [DhcpDomain] zabka.pl Tcpip\..\Interfaces\{6d06d4af-707f-4c40-af8e-e96b1417d001}: [DhcpNameServer] 40.40.1.11 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Kasia\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-26] Edge Extension: (Dokumenty Google offline) - C:\Users\Kasia\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-24] Edge Extension: (Edge relevant text changes) - C:\Users\Kasia\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default [2024-02-26] CHR Notifications: Default -> hxxps://www.youtube.com CHR Extension: (Dokumenty Google offline) - C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-16] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-20] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-11] (Adobe Inc. -> Adobe) R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [271272 2018-05-16] (Dolby Laboratories, Inc. -> ) R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [288192 2018-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) S2 GoogleUpdaterInternalService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== UWAGA S2 GoogleUpdaterService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== UWAGA R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-07] (Malwarebytes Inc. -> Malwarebytes) R2 OSDMainService; C:\Program Files\Huawei\HwOsd\OSDMainService.exe [665928 2019-01-18] (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-02-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation) R3 WDTDrv; C:\WINDOWS\System32\Drivers\WDTDrv.sys [27048 2018-02-27] (Huawei Technologies Co., Ltd. -> Huawei Device) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-02-26 14:32 - 2024-02-26 14:32 - 002386944 _____ (Farbar) C:\Users\Kasia\Downloads\FRST64 (1).exe 2024-02-21 11:32 - 2024-02-21 11:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem 2024-02-18 21:05 - 2024-02-18 21:05 - 000000000 ___HD C:\OneDriveTemp 2024-02-15 13:24 - 2024-02-15 13:24 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-02-15 13:24 - 2024-02-15 13:24 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-02-15 13:11 - 2024-02-15 13:11 - 000000000 ___HD C:\$WinREAgent 2024-02-07 16:24 - 2024-02-07 16:24 - 000020216 _____ C:\Users\Kasia\Downloads\FRST (1).txt 2024-02-07 15:14 - 2024-02-07 15:14 - 000030730 _____ C:\Users\Kasia\Downloads\Shortcut.txt 2024-02-07 15:13 - 2024-02-07 15:14 - 000052464 _____ C:\Users\Kasia\Downloads\Addition.txt 2024-02-07 15:12 - 2024-02-26 14:35 - 000015412 _____ C:\Users\Kasia\Downloads\FRST.txt 2024-02-07 15:11 - 2024-02-26 14:34 - 000000000 ____D C:\FRST 2024-02-07 15:10 - 2024-02-07 15:11 - 002389504 _____ (Farbar) C:\Users\Kasia\Downloads\FRST64.exe 2024-02-07 15:00 - 2024-02-07 15:01 - 000000000 ____D C:\AdwCleaner 2024-02-07 15:00 - 2024-02-07 15:00 - 008797968 _____ (Malwarebytes) C:\Users\Kasia\Downloads\adwcleaner.exe 2024-02-07 15:00 - 2024-02-07 15:00 - 008551608 _____ (Malwarebytes) C:\Users\Kasia\Downloads\adwcleaner8.3.2.exe 2024-02-07 14:53 - 2024-02-07 14:53 - 000000000 ____D C:\Users\Kasia\AppData\Local\mbam 2024-02-07 14:50 - 2024-02-21 23:09 - 000000000 ____D C:\Users\Kasia\AppData\Local\Malwarebytes 2024-02-07 14:50 - 2024-02-07 14:50 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-02-07 14:50 - 2024-02-07 14:50 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-02-07 14:50 - 2024-02-07 14:50 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-02-07 14:50 - 2024-02-07 14:50 - 000000000 ____D C:\Program Files\Malwarebytes 2024-02-07 14:49 - 2024-02-07 14:49 - 002582384 _____ (Malwarebytes) C:\Users\Kasia\Downloads\MBSetup.exe ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-02-26 14:32 - 2019-04-21 12:47 - 000000000 ____D C:\Program Files (x86)\Steam 2024-02-26 14:31 - 2020-09-25 00:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-02-25 22:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-02-25 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-02-25 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-02-25 10:41 - 2020-06-10 19:21 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-02-25 10:41 - 2020-06-10 19:21 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-02-23 16:35 - 2021-12-23 17:49 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-02-23 15:31 - 2019-02-02 14:06 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-02-23 15:31 - 2019-02-02 14:06 - 000002273 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-02-22 15:01 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2024-02-21 23:16 - 2020-09-25 00:08 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-02-21 23:16 - 2020-09-25 00:08 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-02-21 11:35 - 2019-02-02 14:02 - 000000000 ____D C:\Program Files (x86)\Google 2024-02-19 07:35 - 2020-09-25 00:09 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-02-19 07:35 - 2019-12-07 16:08 - 000785594 _____ C:\WINDOWS\system32\perfh015.dat 2024-02-19 07:35 - 2019-12-07 16:08 - 000152454 _____ C:\WINDOWS\system32\perfc015.dat 2024-02-19 07:35 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-02-18 21:05 - 2018-12-28 05:49 - 000000000 ___RD C:\Users\Kasia\OneDrive 2024-02-18 21:04 - 2020-09-25 00:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-02-18 21:04 - 2020-09-25 00:00 - 000297400 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-02-18 21:04 - 2020-09-25 00:00 - 000008192 ___SH C:\DumpStack.log.tmp 2024-02-18 21:04 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-02-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-02-15 13:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-02-15 13:23 - 2020-09-25 00:05 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-02-15 13:11 - 2019-02-02 14:35 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-02-15 13:11 - 2019-02-02 14:07 - 000000000 ____D C:\ProgramData\Packages 2024-02-15 13:11 - 2018-12-28 05:47 - 000000000 ____D C:\Users\Kasia\AppData\Local\Packages 2024-02-15 13:10 - 2018-12-28 05:49 - 000000000 ____D C:\Users\Kasia\AppData\Local\PlaceholderTileLogoFolder 2024-02-15 13:09 - 2019-02-02 14:35 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-02-13 09:31 - 2021-12-12 11:39 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-862887151-3872513514-3679125287-1001 2024-02-13 09:31 - 2020-09-25 00:08 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-862887151-3872513514-3679125287-1001 2024-02-13 09:31 - 2020-09-25 00:01 - 000002430 _____ C:\Users\Kasia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-02-07 14:52 - 2019-04-25 06:20 - 000000000 ____D C:\Users\Kasia\AppData\Local\D3DSCache 2024-02-07 14:50 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP ==================== Pliki w katalogu głównym wybranych folderów ======== 2018-12-28 05:52 - 2018-12-28 05:52 - 000000017 _____ () C:\Users\Kasia\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================