Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 10.04.2024 Uruchomiony przez padod (administrator) KOLOS_DAROS (HUAWEI MRC-WX0) (13-04-2024 07:53:12) Uruchomiony z C:\Users\padod\Downloads\FRST64.exe Załadowane profile: padod Platforma: Microsoft Windows 11 Home Wersja 23H2 22631.3447 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files\Huawei\HMS Core\HMSCoreService.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\Program Files\Huawei\HMS Core\HMSCoreContainer.exe (C:\Program Files\Huawei\PCManager\HwMdcCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\DFSSearchService.exe (C:\Program Files\Huawei\PCManager\HwMdcCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\HwMdcUI.exe (C:\Program Files\Huawei\PCManager\MateBookService.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\HwMdcCenter.exe (C:\Program Files\Huawei\PCManager\MateBookService.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe (C:\Program Files\Huawei\PCManager\MateBookService.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\Hiview\HiviewService.exe (C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\MessageCenterUI.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.81\msedgewebview2.exe <7> (DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxEM.exe (explorer.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <33> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\BasicService\BasicService.exe (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\HiConnectivityService.exe (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\HwDistributedMainService.exe (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\MateBookService.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\Program Files\Huawei\HMS Core\HMSCoreService.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\Program Files\Huawei\wucs\WUCSProxyService.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_22dff82e7da0099b\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b53c057d22ce6f37\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b53c057d22ce6f37\IntelCpHeciSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_df0bea5643beeb1b\aesm_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5435.0_x64__8j3eq9eme6ctt\IGCC.exe (svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.3191.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.3191.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [APP] => C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe [963376 2018-02-01] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515096 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18414712 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Brak podpisu cyfrowego] HKU\S-1-5-21-3672157126-2932005878-3572748644-1001\...\Run: [MicrosoftEdgeAutoLaunch_A3DA58C843B45FF75A7F7A9B258653DD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063784 2024-04-04] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3672157126-2932005878-3572748644-1001\...\MountPoints2: {10d674bb-74b9-11ee-a9ce-5076af1a00a8} - "F:\Bolt.exe" HKLM\...\Print\Monitors\PDF-XChange5-ABBYY: C:\Windows\system32\pxc50pma.dll [58936 2014-10-10] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\chrmstp.exe [2024-04-11] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {9F4CE4C8-06FD-49C9-89C6-3F0DDEEA31A9} - Brak ścieżki do pliku. <==== UWAGA Task: {3B39C87F-C86E-4F59-AEFF-7502EAAADF8D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-padoda@go2.pl => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {B0B57A1D-A817-46C2-8CE5-0D351244FA01} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5381288 2024-03-27] (Microsoft Windows -> Microsoft Corporation) Task: {188A4A61-143D-4994-A5E8-4F5C794D64BD} - System32\Tasks\GoogleUpdateTaskMachineCore{720BFE7C-7009-4D6E-A83E-778ED5AE64E5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-07] (Google LLC -> Google LLC) Task: {1B1BF435-3380-4938-A3E9-8165F1DCC062} - System32\Tasks\GoogleUpdateTaskMachineUA{FD70D721-44F0-442B-82EF-97E96BD49FA0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-07] (Google LLC -> Google LLC) Task: {990F083C-7E84-4BA8-9382-EDA880984B89} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4910680 2024-02-21] (Intel Corporation -> Intel Corporation) Task: {92574CB3-32DF-473D-8DA4-E02664F0F26B} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4910680 2024-02-21] (Intel Corporation -> Intel Corporation) Task: {BB3FB59C-74F7-4B42-AD67-9FEAABCA766D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Brak pliku) Task: {FE28D69B-EAF8-4861-8AF4-BE53183F23E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452944 2024-04-06] (Microsoft Corporation -> Microsoft Corporation) Task: {201EED94-785E-4EF1-9007-67DED7287463} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452944 2024-04-06] (Microsoft Corporation -> Microsoft Corporation) Task: {D510AC14-2C45-45D1-8EA6-1F536DE71565} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309944 2024-04-12] (Microsoft Corporation -> Microsoft Corporation) Task: {E97EE9F7-9D06-4C00-A383-550E396E89B8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309944 2024-04-12] (Microsoft Corporation -> Microsoft Corporation) Task: {F570A703-D46A-4752-A138-87D8C02186A0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168488 2024-04-03] (Microsoft Corporation -> Microsoft Corporation) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Brak pliku) Task: {70D31B8D-8A82-4C0E-92F8-43F17B3FC0D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C1C8EEC4-8DF7-4924-9BF2-BFF0F3AEDC86} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E8016FEA-2281-45F5-8BB1-60F6EC5696D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9AE20E26-1DA6-4852-99A2-A7A0D732B041} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E61ACD25-B2E3-408B-9FA9-6A361F6B3414} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-18] (Microsoft Corporation -> Microsoft Corporation) Task: {21CFA80B-E775-4A6C-B9FE-3E8DD43A443D} - System32\Tasks\Opera scheduled assistant Autoupdate 1709495059 => E:\Opera\launcher.exe [1580448 2024-03-18] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="E:\Opera\assistant" $(Arg0) Task: {815B8427-831F-45B9-AFB0-1ABF9EEF516B} - System32\Tasks\Opera scheduled Autoupdate 1709495056 => E:\Opera\autoupdate\opera_autoupdate.exe [5709728 2024-03-14] (Opera Norway AS -> Opera Software) Task: {D3B3A993-4925-47E6-8419-469A794A11B2} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\System32\Wscript.exe [200704 2023-05-05] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 Tcpip\..\Interfaces\{3646e28f-d488-43ea-85b5-e50d6ed30d7f}: [DhcpNameServer] 192.168.88.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\padod\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-13] Edge Notifications: Default -> hxxps://www.facebook.com; hxxps://www.msn.com Edge HomePage: Default -> hxxp://www.bing.com/ Edge StartupUrls: Default -> "hxxp://www,bing,com/" Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats} Edge Extension: (Tłumacz Google) - C:\Users\padod\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-08-07] Edge Extension: (Dokumenty Google offline) - C:\Users\padod\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22] Edge Extension: (The Elder Scrolls V: Skyrim 10th Anniversary) - C:\Users\padod\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icahgcdchandbkbhminlkmeljdoflpoi [2023-12-29] Edge Extension: (Edge relevant text changes) - C:\Users\padod\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25] Edge Profile: C:\Users\padod\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2024-01-26] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Brak pliku] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Brak pliku] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\padod\AppData\Local\Google\Chrome\User Data\Default [2024-04-13] CHR Notifications: Default -> hxxps://www.facebook.com CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.pl/" CHR Extension: (Tłumacz Google) - C:\Users\padod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-08-07] CHR Extension: (WOT – Bezpieczeństwo witryn i bezpieczne przeglądanie) - C:\Users\padod\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2024-04-02] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\padod\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-04-03] CHR Extension: (Dokumenty Google offline) - C:\Users\padod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-23] CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\padod\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-04-11] CHR Extension: (Video DownloadHelper) - C:\Users\padod\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2024-03-21] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\padod\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-07] Opera: ======= OPR DefaultProfile: Default StartMenuInternet: (HKU\S-1-5-21-3672157126-2932005878-3572748644-1001) OperaStable - "E:\Opera\opera.exe" ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14221280 2024-04-06] (Microsoft Corporation -> Microsoft Corporation) R2 Dolby DAX API Service; C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe [212784 2017-09-19] (Dolby Laboratories, Inc. -> ) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43784 2024-03-27] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [291592 2024-03-27] (Intel Corporation -> Intel) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncHelper.exe [3515936 2024-02-18] (Microsoft Corporation -> Microsoft Corporation) R2 HiConnectivityService; C:\Program Files\Huawei\PCManager\HiConnectivityService.exe [1701240 2023-06-06] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) R2 HMSCoreService; C:\Program Files\Huawei\HMS Core\HMSCoreService.exe [178760 2022-10-28] (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) R2 HwDistributedMainService; C:\Program Files\Huawei\PCManager\HwDistributedMainService.exe [1600376 2023-06-06] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) R2 HwPCCoreService; C:\Program Files\Huawei\BasicService\BasicService.exe [630136 2023-06-02] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) R2 LCD_Service; C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe [44408 2023-05-26] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) R2 MBAMainService; C:\Program Files\Huawei\PCManager\MateBookService.exe [598392 2023-06-06] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\OneDriveUpdaterService.exe [3853856 2024-02-18] (Microsoft Corporation -> Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Brak podpisu cyfrowego] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) R2 WUCSProxy; C:\Program Files\Huawei\wucs\WUCSProxyService.exe [7148616 2023-05-18] (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 HwOs2ECx64; C:\Program Files\Huawei\PCManager\HwOs2EC10x64.sys [50808 2023-06-06] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) R3 MpKslada2254a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{65DF5EED-699D-45C2-AAC9-330BF5938CAE}\MpKslDrv.sys [301336 2024-04-12] (Microsoft Windows -> Microsoft Corporation) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv64.sys [766688 2017-08-27] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.) R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20936 2024-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [601376 2024-04-09] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-09] (Microsoft Windows -> Microsoft Corporation) R3 WDTDrv; C:\Windows\System32\Drivers\WDTDrv.sys [27048 2018-02-26] (Huawei Technologies Co., Ltd. -> Huawei Device) S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation) R2 WUCS; C:\Windows\system32\drivers\WUCSDriver.sys [969664 2023-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 WacHidRouter; \SystemRoot\System32\drivers\wachidrouter.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-04-13 07:53 - 2024-04-13 07:53 - 000025372 _____ C:\Users\padod\Downloads\FRST.txt 2024-04-13 07:53 - 2024-04-13 07:53 - 000000000 ____D C:\Users\padod\Downloads\FRST-OlderVersion 2024-04-13 07:52 - 2024-04-13 07:53 - 002394112 _____ (Farbar) C:\Users\padod\Downloads\FRST64.exe 2024-04-13 07:52 - 2024-04-13 07:53 - 000000000 ____D C:\FRST 2024-04-12 19:36 - 2024-04-12 19:36 - 000539500 _____ C:\Users\padod\Downloads\IMG_20240412_193210.pdf 2024-04-09 21:05 - 2024-04-09 21:05 - 000764102 _____ C:\Windows\system32\perfh015.dat 2024-04-09 21:05 - 2024-04-09 21:05 - 000150950 _____ C:\Windows\system32\perfc015.dat 2024-04-08 09:30 - 2024-04-08 09:30 - 000003670 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2024-04-03 19:39 - 2024-04-03 19:39 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-04-03 12:49 - 2024-04-03 12:49 - 000012569 _____ C:\ProgramData\vxnylktj.vfa 2024-04-03 12:49 - 2024-04-03 12:49 - 000000000 ____D C:\Users\padod\AppData\Local\VideoEditor 2024-04-03 12:49 - 2024-04-03 12:49 - 000000000 ____D C:\Cracked_By_DrZero 2024-04-02 18:32 - 2024-04-02 18:32 - 000057385 _____ C:\Users\padod\Downloads\Kalkulator_ratingu_ver_150.xlsx 2024-03-27 09:43 - 2024-03-27 09:43 - 000000000 ____D C:\Windows\SysWOW64\DDFs 2024-03-27 09:34 - 2024-03-27 09:34 - 000024320 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-03-27 09:33 - 2024-03-27 09:33 - 000024320 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json 2024-03-18 20:39 - 2024-03-18 20:39 - 000000000 ____D C:\Users\padod\AppData\Local\HD-Player 2024-03-18 20:38 - 2024-03-18 20:38 - 000007157 _____ C:\Users\padod\-1.14-windows.xml 2024-03-18 20:37 - 2024-03-18 20:37 - 000000000 ____D C:\Users\padod\AppData\Local\bluestacks-services-updater 2024-03-18 20:35 - 2024-03-18 21:16 - 000000000 ____D C:\Users\padod\AppData\Local\Bluestacks 2024-03-18 20:35 - 2024-03-18 20:35 - 000000000 ____D C:\Users\Public\BlueStacks ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-04-13 07:53 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp 2024-04-13 07:50 - 2023-08-07 15:46 - 000000000 ____D C:\Users\padod\AppData\Local\D3DSCache 2024-04-13 07:49 - 2023-08-07 19:14 - 000000000 ____D C:\Program Files (x86)\Google 2024-04-13 07:49 - 2023-08-07 17:41 - 000000000 ____D C:\Users\padod\AppData\Roaming\PCManager 2024-04-13 07:49 - 2023-08-07 15:46 - 000000000 __SHD C:\Users\padod\IntelGraphicsProfiles 2024-04-12 20:44 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-04-12 20:38 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-04-12 20:38 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness 2024-04-12 20:33 - 2023-08-07 16:12 - 000000000 ____D C:\Users\padod\AppData\Roaming\Microsoft\Word 2024-04-12 20:32 - 2023-08-07 16:06 - 000000000 ____D C:\Program Files\Microsoft Office 2024-04-12 19:19 - 2023-11-22 22:14 - 000002423 _____ C:\Windows\system32\default_error_stack-000000-000000.txt 2024-04-11 19:35 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF 2024-04-11 19:23 - 2023-08-07 15:35 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-04-11 18:46 - 2023-08-07 19:15 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-04-09 21:16 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-04-09 21:11 - 2023-08-07 15:36 - 000000000 ____D C:\Windows\system32\Drivers\wd 2024-04-09 21:05 - 2023-08-07 15:47 - 001707094 _____ C:\Windows\system32\PerfStringBackup.INI 2024-04-09 21:01 - 2023-08-08 19:03 - 000001527 _____ C:\Windows\system32\config\VSMIDK 2024-04-09 21:01 - 2023-08-08 06:33 - 000012288 ___SH C:\DumpStack.log.tmp 2024-04-09 21:01 - 2023-08-07 22:25 - 000000000 ___HD C:\Intel 2024-04-09 21:01 - 2023-08-07 15:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-04-09 21:01 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState 2024-04-09 21:00 - 2023-08-07 15:35 - 005143848 _____ C:\Windows\system32\FNTCACHE.DAT 2024-04-09 21:00 - 2022-05-07 07:17 - 000786432 _____ C:\Windows\system32\config\BBI 2024-04-09 20:59 - 2023-09-27 12:48 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView 2024-04-09 20:59 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources 2024-04-09 20:59 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm 2024-04-09 20:59 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2024-04-09 20:59 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr 2024-04-09 20:56 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp 2024-04-09 20:54 - 2023-08-07 15:38 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-04-09 20:45 - 2023-08-07 17:34 - 000000000 ____D C:\Windows\system32\MRT 2024-04-09 20:43 - 2023-08-07 17:34 - 192651728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-04-09 20:33 - 2023-11-19 21:20 - 000003834 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2024-04-08 20:02 - 2023-08-07 15:44 - 000000000 ____D C:\Users\padod 2024-04-08 09:30 - 2023-11-19 20:56 - 000003762 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2024-04-08 09:30 - 2023-11-19 20:56 - 000003528 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2024-04-08 09:26 - 2023-08-09 10:08 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-04-06 08:49 - 2023-08-07 15:36 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-04-06 08:49 - 2023-08-07 15:36 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-04-03 19:39 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-04-03 13:08 - 2023-08-18 20:31 - 000000000 ____D C:\Users\padod\AppData\Roaming\Microsoft\Excel 2024-04-03 12:49 - 2023-08-10 19:58 - 000000000 ____D C:\Users\padod\AppData\Local\Movavi 2024-04-02 18:32 - 2023-08-07 15:46 - 000000000 ____D C:\Users\padod\AppData\Local\Packages 2024-03-29 09:44 - 2023-11-19 20:56 - 000001516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2024-03-29 09:44 - 2023-08-07 20:09 - 000000000 ____D C:\ProgramData\Package Cache 2024-03-29 09:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth 2024-03-27 09:43 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-03-27 09:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2024-03-27 09:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata 2024-03-27 09:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences 2024-03-27 09:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe 2024-03-27 09:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient 2024-03-27 09:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\DDFs 2024-03-27 09:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents 2024-03-27 09:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\Provisioning 2024-03-22 16:50 - 2023-08-29 15:00 - 000002590 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask 2024-03-22 16:44 - 2024-03-03 21:44 - 000003762 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1709495059 2024-03-22 16:44 - 2024-03-03 21:44 - 000003680 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1709495056 2024-03-18 14:51 - 2024-03-03 21:44 - 000000714 _____ C:\Users\padod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2024-03-15 12:15 - 2023-09-25 20:16 - 000000000 ____D C:\Users\padod\AppData\Local\Steam ==================== Pliki w katalogu głównym wybranych folderów ======== 2023-11-15 18:25 - 2023-11-15 18:25 - 000001496 _____ () C:\Users\padod\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs 2024-02-20 13:50 - 2024-02-20 13:52 - 000007626 _____ () C:\Users\padod\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================