Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22.05.2024 01 Uruchomiony przez Users (administrator) ANNA-DESKTOP-RT (Dell Inc. Latitude E5530 non-vPro) (25-05-2024 18:33:38) Uruchomiony z C:\Users\Users\Downloads\FRST64.exe Załadowane profile: Users Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.4412 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13> (explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <5> (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779376 2019-05-10] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKU\S-1-5-21-2385923311-781784147-3047078187-1001\...\Run: [Microsoft Edge Update] => C:\Users\Users\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateCore.exe [264136 2024-05-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2385923311-781784147-3047078187-1001\...\Run: [MicrosoftEdgeAutoLaunch_3250699E464B17C04A15332F6451998E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136912 2024-05-24] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.112\Installer\chrmstp.exe [2024-05-24] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01408E0C-1B46-478A-887F-EC24A6ED8E66} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{D950937D-D7BA-4850-86F5-8E9049EB7C58} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) Task: {B4FDD4E8-DCB3-43AD-A817-5F59F2E5A27F} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001Core{6A575FAB-8E5F-4124-AEB9-6ACF1044FD8A} => C:\Users\Users\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-06-05] (Microsoft Corporation -> Microsoft Corporation) Task: {6C57FAB9-93CF-4574-AE0B-9CE0E2986BA0} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001UA{BA493BBB-A81B-407F-85E0-5A82A7BB083D} => C:\Users\Users\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-06-05] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{dad68f36-cb5c-477d-8947-73cea0eb6321}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{dad68f36-cb5c-477d-8947-73cea0eb6321}: [DhcpDomain] home Tcpip\..\Interfaces\{dad68f36-cb5c-477d-8947-73cea0eb6321}\7416C6168797021423035624645373: [DhcpNameServer] 192.168.236.21 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Users\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-25] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Users\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-05-25] Edge Extension: (Dokumenty Google offline) - C:\Users\Users\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-17] Edge Extension: (Edge relevant text changes) - C:\Users\Users\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-17] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default [2024-05-25] CHR Extension: (Dokumenty Google offline) - C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-25] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-25] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-12] CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104840 2019-05-10] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2023-04-13] () [Brak podpisu cyfrowego] R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887344 2024-05-25] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-25] (Malwarebytes Inc. -> Malwarebytes) S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe [1489000 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-05-21] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe [3236840 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe [133704 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223184 2024-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-05-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [201280 2024-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-05-25] (Malwarebytes Inc. -> Malwarebytes) S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [43664 2024-05-25] (Chongqing NIUBI Technology Co., Ltd. -> ) R3 MkBusFilter; C:\Windows\system32\DRIVERS\MbmDeviceFilter.sys [42208 2015-06-30] (Ericsson AB -> ) R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics) R3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [21056 2024-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [601496 2024-05-22] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-22] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-05-25 18:33 - 2024-05-25 18:35 - 000011219 _____ C:\Users\Users\Downloads\FRST.txt 2024-05-25 18:24 - 2024-05-25 18:24 - 008790880 _____ (Malwarebytes) C:\Users\Users\Downloads\adwcleaner.exe 2024-05-25 18:24 - 2024-05-25 18:24 - 000000000 ____D C:\AdwCleaner 2024-05-25 18:13 - 2024-05-25 18:13 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2024-05-25 18:12 - 2024-05-25 18:37 - 000000000 ____D C:\Users\Users\AppData\Local\Malwarebytes 2024-05-25 18:12 - 2024-05-25 18:12 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-05-25 18:12 - 2024-05-25 18:12 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-05-25 18:10 - 2024-05-25 18:10 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-05-25 18:10 - 2024-05-25 18:10 - 000000000 ____D C:\Program Files\Malwarebytes 2024-05-25 18:07 - 2024-05-25 18:09 - 277864992 _____ (Malwarebytes) C:\Users\Users\Downloads\MBSetup.exe 2024-05-25 17:40 - 2024-05-25 17:47 - 000000000 ___HD C:\$WinREAgent 2024-05-25 17:32 - 2024-05-25 17:32 - 000066560 _____ C:\Windows\dm_batch.bak 2024-05-25 17:32 - 2024-05-25 17:32 - 000000032 _____ C:\Windows\dm.dmap 2024-05-25 17:28 - 2024-05-25 17:28 - 000798488 _____ C:\Windows\system32\im-fre.exe 2024-05-25 17:28 - 2024-05-25 17:28 - 000043664 _____ C:\Windows\system32\MDA_NTDRV.sys 2024-05-25 17:28 - 2024-05-25 17:28 - 000001061 _____ C:\Users\Users\Desktop\IM-Magic Partition Resizer Free.lnk 2024-05-25 17:28 - 2024-05-25 17:28 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IM-Magic Partition Resizer Free 2024-05-25 17:28 - 2024-05-25 17:28 - 000000000 ____D C:\Program Files\IM-Magic 2024-05-25 17:15 - 2024-05-25 17:26 - 012302874 _____ C:\Users\Users\Downloads\resizer-free.zip 2024-05-25 17:13 - 2024-05-25 17:13 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\MMC 2024-05-24 21:20 - 2024-05-24 21:20 - 000000000 ____D C:\Users\Users\AppData\Local\.marble 2024-05-24 20:34 - 2024-05-24 20:34 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2024-05-24 20:29 - 2024-05-24 20:29 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf 2024-05-24 20:29 - 2024-05-24 20:29 - 000000000 ____D C:\Program Files\DellTPad 2024-05-24 20:24 - 2024-05-24 20:24 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ST_Accel_01011.Wdf 2024-05-24 20:24 - 2024-05-24 20:24 - 000000000 ____D C:\Program Files\STMicroelectronics 2024-05-24 20:24 - 2024-05-24 20:24 - 000000000 ____D C:\Program Files\DIFX 2024-05-24 20:24 - 2016-10-07 06:37 - 000030352 _____ (ST Microelectronics) C:\Windows\system32\Drivers\stdcfltn.sys 2024-05-24 20:24 - 2015-06-30 04:37 - 000042208 _____ C:\Windows\system32\Drivers\MbmDeviceFilter.sys 2024-05-24 19:48 - 2024-05-24 19:48 - 000002202 _____ C:\Users\Public\Desktop\ArCADia-TERMOCAD 10.2 (64-bit).lnk 2024-05-24 19:48 - 2024-05-24 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArCADia-TERMOCAD 10.2 (64-bit) 2024-05-24 19:44 - 2024-05-24 21:10 - 000000000 ____D C:\Program Files\ArCADiasoft 2024-05-24 19:44 - 2024-05-24 19:48 - 000000000 ___RD C:\Users\Public\Documents\ArCADiasoft 2024-05-24 18:26 - 2024-05-24 18:27 - 000000000 ____D C:\Program Files\CrystalDiskInfo 2024-05-24 18:26 - 2024-05-24 18:26 - 000001828 _____ C:\Users\Users\Desktop\CrystalDiskInfo.lnk 2024-05-24 18:26 - 2024-05-24 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2024-05-24 18:25 - 2024-05-24 18:25 - 005921600 _____ (Crystal Dew World ) C:\Users\Users\Downloads\CrystalDiskInfo9_3_0.exe 2024-05-24 18:23 - 2024-05-24 18:30 - 1858722288 _____ (ArCADiasoft Chudzik sp. j.) C:\Users\Users\Downloads\ArCADia-TERMOCAD_64bit_Demo (1).exe 2024-05-24 18:18 - 2024-05-24 18:18 - 000000000 ____D C:\Windows\system32\appmgmt 2024-05-23 21:32 - 2024-05-25 18:34 - 000000000 ____D C:\FRST 2024-05-23 21:30 - 2024-05-23 21:30 - 002395136 _____ (Farbar) C:\Users\Users\Downloads\FRST64.exe 2024-05-21 19:39 - 2024-05-21 19:39 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem 2024-04-29 21:05 - 2024-04-29 21:05 - 000001295 _____ C:\Users\Public\Desktop\ArCADiasoft-LICENSE MANAGER.lnk 2024-04-29 21:05 - 2024-04-29 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArCADiasoft-LICENSE MANAGER 2024-04-29 21:05 - 2024-04-29 21:05 - 000000000 ____D C:\Program Files (x86)\ArCADiasoft 2024-04-29 21:04 - 2024-04-29 21:04 - 036349368 _____ (ArCADiasoft Chudzik sp. j.) C:\Users\Users\Downloads\ArCADiasoft-LICENSE_MANAGER.exe 2024-04-29 20:53 - 2024-04-29 20:53 - 000194651 _____ C:\Users\Users\Downloads\418676_certificate_ArCADia-TERMOCAD ŚCHE 10_L01.pdf 2024-04-29 20:53 - 2024-04-29 20:53 - 000052328 _____ C:\Users\Users\Downloads\Dokument VAT I - 0141 04 2024 FVPA I.pdf 2024-04-29 20:53 - 2024-04-29 20:53 - 000000999 _____ C:\Users\Users\Downloads\1865604_NL_ArCADiaTermocad_PL_2024_04_29_142223_L001.isl 2024-04-26 20:56 - 2024-04-26 20:56 - 001445312 _____ (Adobe Inc) C:\Users\Users\Downloads\Reader_en_install.exe 2024-04-26 20:40 - 2024-04-26 20:40 - 006501575 _____ C:\Users\Users\Desktop\!!!_Poradnik_projektanta_Swiadectwo_energetyczne_!!!.pdf 2024-04-26 19:57 - 2024-04-26 19:57 - 000000524 _____ C:\Users\Users\Downloads\zgłoszenie konta do FB.txt 2024-04-26 19:29 - 2024-04-26 19:29 - 000000000 ____D C:\Users\Users\Downloads\Telegram Desktop 2024-04-26 00:37 - 2024-04-26 00:37 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\HTML Help 2024-04-26 00:08 - 2024-04-26 00:13 - 000002383 _____ C:\Users\Users\Downloads\błąd Arcadia 1.txt 2024-04-26 00:03 - 2024-04-26 00:03 - 000000000 ___RD C:\Users\Users\Documents\ArCADiasoft 2024-04-26 00:02 - 2024-05-24 21:03 - 000000000 ____D C:\Users\Users\AppData\Roaming\Common 2024-04-26 00:02 - 2024-04-29 11:51 - 000000000 ____D C:\Users\Users\AppData\Roaming\ArCADiasoft 2024-04-25 23:43 - 2024-04-25 23:43 - 000000000 ____D C:\Windows\InboxApps 2024-04-25 23:18 - 2024-05-24 19:44 - 000000000 ___RD C:\ProgramData\ArCADiasoft 2024-04-25 22:50 - 2024-04-25 22:51 - 000000000 ____D C:\ProgramData\Package Cache 2024-04-25 22:50 - 2024-04-25 22:51 - 000000000 ____D C:\Program Files\dotnet 2024-04-25 22:07 - 2024-04-25 22:07 - 000020861 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-04-25 21:56 - 2024-04-25 21:56 - 000020861 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-05-25 18:35 - 2023-06-05 21:35 - 000000000 ____D C:\Users\Users\AppData\Roaming\Telegram Desktop 2024-05-25 18:27 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2024-05-25 18:19 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-05-25 18:17 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-05-25 18:11 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2024-05-25 18:11 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2024-05-25 17:47 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2024-05-25 17:36 - 2023-06-05 21:48 - 000000000 __SHD C:\Users\Users\IntelGraphicsProfiles 2024-05-25 17:36 - 2023-02-20 14:24 - 000008192 ___SH C:\DumpStack.log.tmp 2024-05-25 17:36 - 2023-02-20 14:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-05-25 17:34 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2024-05-25 17:01 - 2023-02-20 14:24 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-05-25 16:47 - 2023-06-05 18:17 - 000003902 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001UA{BA493BBB-A81B-407F-85E0-5A82A7BB083D} 2024-05-25 16:47 - 2023-06-05 18:17 - 000003838 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001Core{6A575FAB-8E5F-4124-AEB9-6ACF1044FD8A} 2024-05-25 16:24 - 2023-04-13 16:49 - 000000000 ____D C:\Users\Users\AppData\Roaming\GHISLER 2024-05-25 16:03 - 2023-02-20 14:26 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-05-25 15:56 - 2023-02-20 14:25 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-05-25 15:56 - 2023-02-20 14:25 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-05-24 20:34 - 2023-06-22 19:45 - 000000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2024-05-24 20:32 - 2023-02-20 14:35 - 001678234 _____ C:\Windows\system32\PerfStringBackup.INI 2024-05-24 20:32 - 2019-12-07 17:09 - 000748784 _____ C:\Windows\system32\perfh015.dat 2024-05-24 20:32 - 2019-12-07 17:09 - 000144494 _____ C:\Windows\system32\perfc015.dat 2024-05-24 20:26 - 2023-02-20 14:24 - 000464656 _____ C:\Windows\system32\FNTCACHE.DAT 2024-05-24 18:53 - 2023-02-20 14:34 - 000000000 ___SD C:\Users\Users\AppData\Roaming\Microsoft\Protect 2024-05-24 18:34 - 2023-06-22 19:37 - 000000000 ____D C:\Windows\SystemTemp 2024-05-24 18:33 - 2023-06-12 21:44 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-05-24 18:33 - 2023-06-12 21:44 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-05-23 21:41 - 2023-02-20 14:34 - 000000000 ____D C:\Users\Users\AppData\Local\Packages 2024-05-22 23:53 - 2023-04-13 16:52 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2385923311-781784147-3047078187-1001 2024-05-22 23:53 - 2023-02-20 14:38 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2385923311-781784147-3047078187-1001 2024-05-22 23:53 - 2023-02-20 14:33 - 000002423 _____ C:\Users\Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\F12 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\F12 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Portable Devices 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2024-05-22 23:42 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2024-05-22 20:30 - 2023-02-20 14:25 - 000000000 ____D C:\Windows\system32\Drivers\wd 2024-05-21 20:45 - 2023-02-20 14:27 - 003017216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-05-21 20:18 - 2023-09-01 14:42 - 000000000 ____D C:\Program Files\RUXIM 2024-05-21 20:13 - 2023-06-22 17:59 - 000000000 ____D C:\Windows\system32\MRT 2024-05-21 20:09 - 2023-06-22 17:57 - 196465576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-05-21 19:58 - 2023-02-20 14:34 - 000000000 ____D C:\ProgramData\Packages 2024-05-21 19:39 - 2023-06-12 21:42 - 000000000 ____D C:\Program Files (x86)\Google 2024-04-26 09:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat 2024-04-25 23:45 - 2019-12-07 17:09 - 000000000 ____D C:\Windows\SysWOW64\pl 2024-04-25 23:45 - 2019-12-07 17:08 - 000000000 ____D C:\Windows\system32\pl 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Com 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Sysprep 2024-04-25 23:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2024-04-25 23:44 - 2019-12-07 17:12 - 000000000 ___SD C:\Windows\system32\AppV 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Com 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser 2024-04-25 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2024-04-25 23:43 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2024-04-25 23:43 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\IME 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2024-04-25 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2024-04-25 22:42 - 2019-12-07 17:12 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll 2024-04-25 22:42 - 2019-12-07 17:12 - 000020827 _____ C:\Windows\system32\OEMDefaultAssociations.xml 2024-04-25 22:42 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll 2024-04-25 22:42 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================