Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 13-03-2021 Uruchomiony przez Mateusz (administrator) DESKTOP-1FMIV6N (Hewlett-Packard HP ENVY 15 Notebook PC) (13-03-2021 22:50:49) Uruchomiony z D:\Pobrane\Firefox Załadowane profile: Mateusz Platform: Windows 10 Home Wersja 1909 18363.1440 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe (Electronic Arts, Inc. -> Electronic Arts) E:\Programy\Origin\OriginWebHelperService.exe (Intel CASE -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Intel CASE -> Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2009.30067.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\osk.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8506112 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-06-18] (Intel CASE -> Intel Corporation) HKU\S-1-5-21-185238820-2907552400-1939453589-1001\...\Run: [EpicGamesLauncher] => D:\Gry\Epic\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32952800 2021-03-12] (Epic Games Inc. -> Epic Games, Inc.) HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2020-10-24] ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {308F4595-28D2-40BD-8531-01300F16A143} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-03-06] (Mozilla Corporation -> Mozilla Foundation) Task: {6524A80E-83BF-4F8D-B584-99F5D3BB0DD4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {756FDBBA-71B1-4594-8FF4-88D330028F36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D31628BC-1941-4B7C-B182-63E585F1B242} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F75EEEC3-66FE-44B7-8975-0029126B4009} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 86.100.0.8 86.100.0.88 Tcpip\..\Interfaces\{688fa754-5628-4c46-8482-43e7b454ad04}: [DhcpNameServer] 217.172.224.160 89.231.1.206 Tcpip\..\Interfaces\{da729f26-5bfd-4927-bf42-89b33f4f7356}: [DhcpNameServer] 192.168.10.1 86.100.0.8 86.100.0.88 Edge: ======= DownloadDir: C:\Users\Mateusz\Downloads Edge Session Restore: HKU\S-1-5-21-185238820-2907552400-1939453589-1001 -> [funkcja włączona] Edge Profile: C:\Users\Mateusz\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-13] Edge Session Restore: Default -> [funkcja włączona] FireFox: ======== FF DefaultProfile: 9yvotpmn.default FF ProfilePath: C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\m4p0qejh.default-release-1 [2021-03-13] FF DownloadDir: D:\Pobrane\Firefox FF Session Restore: Mozilla\Firefox\Profiles\m4p0qejh.default-release-1 -> [funkcja włączona] FF Notifications: Mozilla\Firefox\Profiles\m4p0qejh.default-release-1 -> hxxps://tinder.com FF Extension: (Facebook Container) - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\m4p0qejh.default-release-1\Extensions\@contain-facebook.xpi [2020-09-29] FF Extension: (Keepa - Amazon Price Tracker) - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\m4p0qejh.default-release-1\Extensions\amptra@keepa.com.xpi [2021-02-05] FF Extension: (Privacy Badger) - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\m4p0qejh.default-release-1\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-02-02] FF Extension: (uBlock Origin) - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\m4p0qejh.default-release-1\Extensions\uBlock0@raymondhill.net.xpi [2021-02-05] FF ProfilePath: C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\9yvotpmn.default [2020-01-19] FF ProfilePath: C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\fv291ij5.default-release [2020-04-03] FF Session Restore: Mozilla\Firefox\Profiles\fv291ij5.default-release -> [funkcja włączona] FF Extension: (Facebook Container) - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\fv291ij5.default-release\Extensions\@contain-facebook.xpi [2020-03-14] FF Extension: (Keepa - Amazon Price Tracker) - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\fv291ij5.default-release\Extensions\amptra@keepa.com.xpi [2020-02-19] FF Extension: (Nano Adblocker) - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\fv291ij5.default-release\Extensions\{af881826-e0f9-4b97-898a-a416dc473545}.xpi [2020-03-28] FF Extension: (Nano Defender for Firefox) - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\fv291ij5.default-release\Extensions\{fcf60470-b210-4c17-969e-9ae01491071e}.xpi [2020-03-28] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2021-03-06] (BattlEye Innovations e.K. -> ) R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144784 2018-04-18] (Canon Inc. -> CANON INC.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> ) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] (Intel CASE -> ) S3 MBAMService; D:\Programy\Malwarebytes\MBAMService.exe [7456464 2021-03-13] (Malwarebytes Inc -> Malwarebytes) S3 Origin Client Service; E:\Programy\Origin\OriginClientService.exe [2523448 2021-01-20] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; E:\Programy\Origin\OriginWebHelperService.exe [3478336 2021-01-20] (Electronic Arts, Inc. -> Electronic Arts) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [100384 2016-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-03-13] (Malwarebytes Inc -> Malwarebytes) S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [8218304 2019-04-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP) S3 ALSysIO; \??\C:\Users\Mateusz\AppData\Local\Temp\ALSysIO64.sys [X] <==== UWAGA ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-03-13 22:50 - 2021-03-13 22:51 - 000000000 ____D C:\FRST 2021-03-13 08:51 - 2021-03-13 08:51 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2021-03-13 08:51 - 2021-03-13 08:51 - 000000774 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-03-13 08:50 - 2021-03-13 08:50 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2021-03-12 23:27 - 2021-03-12 23:27 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2021-03-12 23:27 - 2021-03-12 23:27 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2021-03-12 23:27 - 2021-03-12 23:27 - 001282360 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2021-03-12 23:27 - 2021-03-12 23:27 - 000000357 _____ C:\Windows\system32\DrtmAuth19.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin 2021-03-12 23:27 - 2021-03-12 23:27 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin 2021-03-12 23:26 - 2021-03-12 23:26 - 001757632 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-03-12 23:26 - 2021-03-12 23:26 - 001365640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2021-03-12 23:26 - 2021-03-12 23:26 - 000861696 _____ C:\Windows\system32\MBR2GPT.EXE 2021-03-12 21:30 - 2021-03-12 21:30 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2021-03-10 23:10 - 2021-03-10 23:12 - 000000000 ____D C:\Users\Mateusz\Desktop\egzamin banksma rigger st3 2021-03-10 22:36 - 2021-03-10 22:37 - 000000000 ____D C:\Users\Mateusz\Desktop\Nowy folder (2) 2021-03-10 22:06 - 2021-03-10 22:09 - 000000000 ____D C:\Users\Mateusz\Desktop\meads 2021-03-10 21:53 - 2021-03-10 22:34 - 000000000 ____D C:\Users\Mateusz\Desktop\deep blue 2021-03-10 21:51 - 2021-03-10 21:51 - 000011299 _____ C:\Users\Mateusz\Desktop\technip rigger.odt 2021-03-10 21:50 - 2021-03-10 21:50 - 000011339 _____ C:\Users\Mateusz\Desktop\technip banksman.odt 2021-03-10 21:35 - 2021-03-11 10:01 - 000011474 _____ C:\Users\Mateusz\Desktop\vantage banksman.odt 2021-03-10 21:33 - 2021-03-11 10:00 - 000011325 _____ C:\Users\Mateusz\Desktop\vantage rigger.odt 2021-03-10 21:25 - 2021-03-10 22:27 - 000000000 ____D C:\Users\Mateusz\Desktop\saipem 2021-03-10 21:23 - 2021-03-10 21:53 - 000011224 _____ C:\Users\Mateusz\Desktop\saipem rigger.odt 2021-03-10 21:20 - 2021-03-10 21:53 - 000011134 _____ C:\Users\Mateusz\Desktop\saipem banksman.odt 2021-03-10 21:05 - 2021-03-10 21:04 - 000589798 _____ C:\Users\Mateusz\Desktop\IMO Crew List - Topaz Driller - 01_Mar.pdf 2021-03-10 21:01 - 2021-03-10 22:05 - 000011433 _____ C:\Users\Mateusz\Desktop\meads banksman.odt 2021-03-10 21:00 - 2021-03-10 22:05 - 000011332 _____ C:\Users\Mateusz\Desktop\meads rigger.odt 2021-03-10 18:44 - 2021-03-10 18:45 - 000000000 ____D C:\Users\Mateusz\Desktop\Nowy folder 2021-03-10 14:32 - 2021-03-10 14:32 - 000000000 ____D C:\Users\Mateusz\Desktop\PDF 2021-03-10 14:27 - 2021-03-10 22:07 - 000000000 ____D C:\Users\Mateusz\Desktop\JPG 2021-03-10 11:15 - 2021-03-09 10:16 - 000969164 _____ C:\Users\Mateusz\Desktop\Chester Step.pdf 2021-03-09 10:37 - 2021-03-09 10:37 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2021-03-06 16:01 - 2021-03-13 00:06 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-02-15 21:08 - 2021-02-15 21:08 - 032823224 _____ C:\Users\Mateusz\Desktop\FlexiQuiz - TOD Transition to Work Assessment (Non-Supervisor) — Mozilla Firefox 2021-02-15 21-08-07.mp4 2021-02-14 14:54 - 2021-02-14 13:53 - 000000000 ____D C:\Users\Mateusz\Desktop\VantageTraining Files 2021-02-13 09:59 - 2021-02-13 09:59 - 000232752 _____ C:\Windows\system32\containerdevicemanagement.dll 2021-02-11 11:40 - 2021-02-11 11:40 - 000406602 _____ C:\Users\Mateusz\Desktop\H2S Training.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-03-13 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-03-13 22:37 - 2020-01-19 11:55 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-03-13 09:16 - 2020-01-19 12:10 - 001678738 _____ C:\Windows\system32\PerfStringBackup.INI 2021-03-13 09:16 - 2019-03-19 13:23 - 000749138 _____ C:\Windows\system32\perfh015.dat 2021-03-13 09:16 - 2019-03-19 13:23 - 000144750 _____ C:\Windows\system32\perfc015.dat 2021-03-13 09:16 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF 2021-03-13 09:15 - 2020-01-19 12:52 - 000000000 ____D C:\ProgramData\Mozilla 2021-03-13 09:14 - 2020-01-19 12:53 - 000000000 ____D C:\Users\Mateusz\AppData\LocalLow\Mozilla 2021-03-13 09:12 - 2020-01-19 16:24 - 000000000 __SHD C:\Users\Mateusz\IntelGraphicsProfiles 2021-03-13 09:12 - 2020-01-19 13:00 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-03-13 09:11 - 2020-01-19 13:02 - 000000000 ____D C:\ProgramData\Synaptics 2021-03-13 09:11 - 2020-01-19 11:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-03-13 09:11 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI 2021-03-13 08:50 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP 2021-03-13 05:34 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness 2021-03-13 00:09 - 2020-01-19 12:14 - 000000000 ___RD C:\Users\Mateusz\3D Objects 2021-03-13 00:07 - 2020-01-19 11:55 - 000455440 _____ C:\Windows\system32\FNTCACHE.DAT 2021-03-13 00:06 - 2020-04-03 15:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\setup 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\oobe 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\setup 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Dism 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\Provisioning 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-03-13 00:04 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr 2021-03-13 00:03 - 2020-01-19 12:12 - 000000000 ____D C:\Users\Mateusz 2021-03-12 23:36 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp 2021-03-12 22:54 - 2020-01-19 16:29 - 000000000 ____D C:\Windows\system32\MRT 2021-03-12 22:51 - 2020-01-19 16:29 - 131005360 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-03-12 21:30 - 2020-04-03 15:33 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-03-12 08:50 - 2020-11-08 10:50 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-03-10 17:44 - 2020-01-19 16:48 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\AIMP 2021-03-09 10:59 - 2020-05-27 14:20 - 000011967 _____ C:\Users\Mateusz\Desktop\REKOMENDACYJNY LIST.odt 2021-03-09 10:16 - 2020-06-25 13:15 - 000000000 ____D C:\ProgramData\CanonIJPLM 2021-03-07 00:30 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-03-07 00:25 - 2020-10-01 22:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-03-06 15:58 - 2020-11-08 10:49 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-03-06 15:58 - 2020-11-08 10:49 - 000003386 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-03-06 15:57 - 2020-01-19 11:56 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-02-15 21:10 - 2020-01-19 17:52 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\vlc 2021-02-13 23:26 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\es-MX 2021-02-13 23:26 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System 2021-02-13 10:03 - 2019-03-19 13:25 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll 2021-02-13 10:03 - 2019-03-19 13:25 - 000019469 _____ C:\Windows\system32\OEMDefaultAssociations.xml 2021-02-12 22:52 - 2020-02-07 16:36 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-02-12 22:52 - 2020-02-07 16:35 - 000000000 ____D C:\Users\Mateusz\AppData\Local\NVIDIA Corporation 2021-02-12 22:51 - 2020-01-19 12:14 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Packages ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-09-17 21:44 - 2020-09-17 22:56 - 000000081 _____ () C:\Users\Mateusz\AppData\Local\.bidstack.fault ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================