Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22.05.2024 01 Uruchomiony przez Users (administrator) ANNA-DESKTOP-RT (Dell Inc. Latitude E5530 non-vPro) (23-05-2024 21:34:48) Uruchomiony z C:\Users\Users\Downloads\FRST64.exe Załadowane profile: Users Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.4412 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <68> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <5> (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe (sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2403.6.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21904.0_x64__8wekyb3d8bbwe\HxAccounts.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21904.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21904.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Users\AppData\Local\Microsoft\OneDrive\24.098.0514.0001\FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKU\S-1-5-21-2385923311-781784147-3047078187-1001\...\Run: [Microsoft Edge Update] => C:\Users\Users\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateCore.exe [264264 2024-05-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2385923311-781784147-3047078187-1001\...\Run: [MicrosoftEdgeAutoLaunch_3250699E464B17C04A15332F6451998E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136896 2024-05-17] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2385923311-781784147-3047078187-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Users\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [68251680 2024-05-22] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2385923311-781784147-3047078187-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Users\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Brak pliku) HKU\S-1-5-21-2385923311-781784147-3047078187-1001\...\RunOnce: [Uninstall 24.097.0513.0001] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Users\AppData\Local\Microsoft\OneDrive\24.097.0513.0001" [0 2024-05-22] () <==== UWAGA [zerobajtowy plik/folder] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.76\Installer\chrmstp.exe [2024-05-23] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01408E0C-1B46-478A-887F-EC24A6ED8E66} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{D950937D-D7BA-4850-86F5-8E9049EB7C58} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) Task: {F21DAC6C-3897-4685-B2E7-EB98E99483C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F98546D7-CD77-4FFF-8A5B-5ACC261F261F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {18B7BD9B-F831-427B-9A02-76AC29B5E4AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F9EDD48D-E6DA-4CA6-9756-BF708B917FFE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B4FDD4E8-DCB3-43AD-A817-5F59F2E5A27F} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001Core{6A575FAB-8E5F-4124-AEB9-6ACF1044FD8A} => C:\Users\Users\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-06-05] (Microsoft Corporation -> Microsoft Corporation) Task: {6C57FAB9-93CF-4574-AE0B-9CE0E2986BA0} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001UA{BA493BBB-A81B-407F-85E0-5A82A7BB083D} => C:\Users\Users\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-06-05] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{dad68f36-cb5c-477d-8947-73cea0eb6321}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{dad68f36-cb5c-477d-8947-73cea0eb6321}: [DhcpDomain] home Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Users\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-23] Edge Extension: (Dokumenty Google offline) - C:\Users\Users\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-17] Edge Extension: (Edge relevant text changes) - C:\Users\Users\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-17] FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default [2024-05-23] CHR Extension: (Dokumenty Google offline) - C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-25] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-12] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2023-04-13] () [Brak podpisu cyfrowego] R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe [1489000 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-05-21] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe [3236840 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe [133704 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21056 2024-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [601496 2024-05-22] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-22] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-05-23 21:34 - 2024-05-23 21:36 - 000011648 _____ C:\Users\Users\Downloads\FRST.txt 2024-05-23 21:32 - 2024-05-23 21:35 - 000000000 ____D C:\FRST 2024-05-23 21:30 - 2024-05-23 21:30 - 002395136 _____ (Farbar) C:\Users\Users\Downloads\FRST64.exe 2024-05-21 20:19 - 2024-05-21 20:19 - 000000000 ___HD C:\$WinREAgent 2024-05-21 19:39 - 2024-05-21 19:39 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem 2024-04-29 21:28 - 2024-04-29 21:28 - 000002202 _____ C:\Users\Public\Desktop\ArCADia-TERMOCAD 10.1.lnk 2024-04-29 21:28 - 2024-04-29 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArCADia-TERMOCAD 10.1 (64-bit) 2024-04-29 21:25 - 2024-04-29 21:28 - 000000000 ___RD C:\Users\Public\Documents\ArCADiasoft 2024-04-29 21:05 - 2024-04-29 21:05 - 000001295 _____ C:\Users\Public\Desktop\ArCADiasoft-LICENSE MANAGER.lnk 2024-04-29 21:05 - 2024-04-29 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArCADiasoft-LICENSE MANAGER 2024-04-29 21:05 - 2024-04-29 21:05 - 000000000 ____D C:\Program Files (x86)\ArCADiasoft 2024-04-29 21:04 - 2024-04-29 21:04 - 036349368 _____ (ArCADiasoft Chudzik sp. j.) C:\Users\Users\Downloads\ArCADiasoft-LICENSE_MANAGER (1).exe 2024-04-29 20:53 - 2024-04-29 20:53 - 000194651 _____ C:\Users\Users\Downloads\418676_certificate_ArCADia-TERMOCAD ŚCHE 10_L01.pdf 2024-04-29 20:53 - 2024-04-29 20:53 - 000052328 _____ C:\Users\Users\Downloads\Dokument VAT I - 0141 04 2024 FVPA I.pdf 2024-04-29 20:53 - 2024-04-29 20:53 - 000000999 _____ C:\Users\Users\Downloads\1865604_NL_ArCADiaTermocad_PL_2024_04_29_142223_L001.isl 2024-04-26 20:56 - 2024-04-26 20:56 - 001445312 _____ (Adobe Inc) C:\Users\Users\Downloads\Reader_en_install.exe 2024-04-26 20:40 - 2024-04-26 20:40 - 006501575 _____ C:\Users\Users\Desktop\!!!_Poradnik_projektanta_Swiadectwo_energetyczne_!!!.pdf 2024-04-26 19:57 - 2024-04-26 19:57 - 000000524 _____ C:\Users\Users\Downloads\zgłoszenie konta do FB.txt 2024-04-26 19:29 - 2024-04-26 19:29 - 000000000 ____D C:\Users\Users\Downloads\Telegram Desktop 2024-04-26 11:26 - 2024-04-29 21:48 - 000000000 ____D C:\Program Files\ArCADiasoft 2024-04-26 09:57 - 2024-04-26 10:08 - 1858508968 _____ (ArCADiasoft Chudzik sp. j.) C:\Users\Users\Downloads\ArCADia-TERMOCAD_64bit_Demo.exe 2024-04-26 00:37 - 2024-04-26 00:37 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\HTML Help 2024-04-26 00:36 - 2024-04-26 01:23 - 1858508968 _____ (ArCADiasoft Chudzik sp. j.) C:\Users\Users\Downloads\ArCADia-TERMOCAD_10.1_64bit.exe 2024-04-26 00:33 - 2024-04-26 00:34 - 036349368 _____ (ArCADiasoft Chudzik sp. j.) C:\Users\Users\Downloads\ArCADiasoft-LICENSE_MANAGER.exe 2024-04-26 00:08 - 2024-04-26 00:13 - 000002383 _____ C:\Users\Users\Downloads\błąd Arcadia 1.txt 2024-04-26 00:03 - 2024-04-26 00:03 - 000000000 ___RD C:\Users\Users\Documents\ArCADiasoft 2024-04-26 00:02 - 2024-04-29 11:51 - 000000000 ____D C:\Users\Users\AppData\Roaming\ArCADiasoft 2024-04-26 00:02 - 2024-04-26 11:53 - 000000000 ____D C:\Users\Users\AppData\Roaming\Common 2024-04-25 23:43 - 2024-04-25 23:43 - 000000000 ____D C:\Windows\InboxApps 2024-04-25 23:18 - 2024-04-29 21:25 - 000000000 ___RD C:\ProgramData\ArCADiasoft 2024-04-25 22:50 - 2024-04-25 22:51 - 000000000 ____D C:\ProgramData\Package Cache 2024-04-25 22:50 - 2024-04-25 22:51 - 000000000 ____D C:\Program Files\dotnet 2024-04-25 22:07 - 2024-04-25 22:07 - 000020861 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-04-25 21:56 - 2024-04-25 21:56 - 000020861 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json 2024-04-25 21:54 - 2024-04-25 22:39 - 1849903968 _____ (ArCADiasoft Chudzik sp. j.) C:\Users\Users\Downloads\ArCADia-TERMOCAD_10.0_64bit.exe ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-05-23 21:41 - 2023-02-20 14:34 - 000000000 ____D C:\Users\Users\AppData\Local\Packages 2024-05-23 21:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-05-23 21:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-05-23 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2024-05-23 21:03 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2024-05-23 21:01 - 2023-06-22 19:37 - 000000000 ____D C:\Windows\SystemTemp 2024-05-23 21:00 - 2023-06-12 21:44 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-05-23 21:00 - 2023-06-12 21:44 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-05-23 20:59 - 2023-02-20 14:24 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-05-22 23:53 - 2023-04-13 16:52 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2385923311-781784147-3047078187-1001 2024-05-22 23:53 - 2023-02-20 14:38 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2385923311-781784147-3047078187-1001 2024-05-22 23:53 - 2023-02-20 14:33 - 000002423 _____ C:\Users\Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-05-22 23:51 - 2023-06-05 21:48 - 000000000 __SHD C:\Users\Users\IntelGraphicsProfiles 2024-05-22 23:51 - 2023-02-20 14:35 - 001678234 _____ C:\Windows\system32\PerfStringBackup.INI 2024-05-22 23:51 - 2019-12-07 17:09 - 000748784 _____ C:\Windows\system32\perfh015.dat 2024-05-22 23:51 - 2019-12-07 17:09 - 000144494 _____ C:\Windows\system32\perfc015.dat 2024-05-22 23:47 - 2023-02-20 14:24 - 000464656 _____ C:\Windows\system32\FNTCACHE.DAT 2024-05-22 23:47 - 2023-02-20 14:24 - 000008192 ___SH C:\DumpStack.log.tmp 2024-05-22 23:47 - 2023-02-20 14:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-05-22 23:46 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\F12 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\F12 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Portable Devices 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2024-05-22 23:42 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2024-05-22 20:30 - 2023-02-20 14:25 - 000000000 ____D C:\Windows\system32\Drivers\wd 2024-05-22 11:56 - 2023-06-05 21:35 - 000000000 ____D C:\Users\Users\AppData\Roaming\Telegram Desktop 2024-05-21 21:00 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2024-05-21 20:45 - 2023-02-20 14:27 - 003017216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-05-21 20:18 - 2023-09-01 14:42 - 000000000 ____D C:\Program Files\RUXIM 2024-05-21 20:13 - 2023-06-22 17:59 - 000000000 ____D C:\Windows\system32\MRT 2024-05-21 20:09 - 2023-06-22 17:57 - 196465576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-05-21 19:58 - 2023-02-20 14:34 - 000000000 ____D C:\ProgramData\Packages 2024-05-21 19:53 - 2023-02-20 14:26 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-05-21 19:41 - 2023-06-05 18:17 - 000003902 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001UA{BA493BBB-A81B-407F-85E0-5A82A7BB083D} 2024-05-21 19:41 - 2023-06-05 18:17 - 000003838 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001Core{6A575FAB-8E5F-4124-AEB9-6ACF1044FD8A} 2024-05-21 19:41 - 2023-02-20 14:25 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-05-21 19:41 - 2023-02-20 14:25 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-05-21 19:39 - 2023-06-12 21:42 - 000000000 ____D C:\Program Files (x86)\Google 2024-04-26 09:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat 2024-04-25 23:45 - 2019-12-07 17:09 - 000000000 ____D C:\Windows\SysWOW64\pl 2024-04-25 23:45 - 2019-12-07 17:08 - 000000000 ____D C:\Windows\system32\pl 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Com 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Sysprep 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2024-04-25 23:44 - 2019-12-07 17:12 - 000000000 ___SD C:\Windows\system32\AppV 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Com 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2024-04-25 23:43 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2024-04-25 23:43 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\IME 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2024-04-25 22:42 - 2019-12-07 17:12 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll 2024-04-25 22:42 - 2019-12-07 17:12 - 000020827 _____ C:\Windows\system32\OEMDefaultAssociations.xml 2024-04-25 22:42 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll 2024-04-25 22:42 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================