Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 30.05.2024 Uruchomiony przez Users (administrator) ANNA-DESKTOP-RT (Dell Inc. Latitude E5530 non-vPro) (30-05-2024 16:25:41) Uruchomiony z C:\Users\Users\Downloads\FRST64.exe Załadowane profile: Users Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.4412 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (C:\Program Files\DellTPad\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (C:\Program Files\totalcmd\TOTALCMD64.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <5> (explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11> (explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <5> (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation -> Sysinternals - www.sysinternals.com) C:\Users\Users\Downloads\Autoruns\Autoruns64.exe (services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe (services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe (sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2403.6.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21904.0_x64__8wekyb3d8bbwe\HxAccounts.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21904.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21904.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779376 2019-05-10] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.113\Installer\chrmstp.exe [2024-05-30] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01408E0C-1B46-478A-887F-EC24A6ED8E66} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{D950937D-D7BA-4850-86F5-8E9049EB7C58} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) Task: {1A21FC0B-7E29-451F-AFA6-53EFA6C7DE95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {31A51DE9-0B06-4A7F-8833-8E6185870AD7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {323B7E73-82A7-4D3C-A77C-21655D1555B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8ADA37E7-A5EE-4E4D-8D4B-CC20AE6D3389} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B4FDD4E8-DCB3-43AD-A817-5F59F2E5A27F} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001Core{6A575FAB-8E5F-4124-AEB9-6ACF1044FD8A} => C:\Users\Users\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-06-05] (Microsoft Corporation -> Microsoft Corporation) Task: {6C57FAB9-93CF-4574-AE0B-9CE0E2986BA0} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001UA{BA493BBB-A81B-407F-85E0-5A82A7BB083D} => C:\Users\Users\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-06-05] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{dad68f36-cb5c-477d-8947-73cea0eb6321}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{dad68f36-cb5c-477d-8947-73cea0eb6321}: [DhcpDomain] home Tcpip\..\Interfaces\{dad68f36-cb5c-477d-8947-73cea0eb6321}\7416C6168797021423035624645373: [DhcpNameServer] 192.168.236.21 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Users\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-30] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Users\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-05-25] Edge Extension: (Dokumenty Google offline) - C:\Users\Users\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-17] Edge Extension: (Edge relevant text changes) - C:\Users\Users\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-17] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default [2024-05-30] CHR Extension: (Dokumenty Google offline) - C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-25] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-25] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-12] CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104840 2019-05-10] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2023-04-13] () [Brak podpisu cyfrowego] R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe [1489000 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-05-21] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe [3236840 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe [133704 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.) R3 MkBusFilter; C:\Windows\system32\DRIVERS\MbmDeviceFilter.sys [42208 2015-06-30] (Ericsson AB -> ) R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics) R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21056 2024-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [601496 2024-05-22] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-22] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-05-30 16:25 - 2024-05-30 16:26 - 000012377 _____ C:\Users\Users\Downloads\FRST.txt 2024-05-30 16:09 - 2024-05-30 16:09 - 000000000 ___HD C:\$WinREAgent 2024-05-30 16:03 - 2024-05-30 16:03 - 000001212 _____ C:\Users\Users\Downloads\Fixlog.txt 2024-05-30 16:03 - 2024-05-30 16:03 - 000000000 ____D C:\Users\Users\Downloads\FRST-OlderVersion 2024-05-30 15:55 - 2024-05-30 15:57 - 000000117 _____ C:\Users\Users\Downloads\odznaczanie żółtych w Everyhing.txt 2024-05-26 02:38 - 2024-05-26 02:39 - 309028686 _____ C:\Users\Users\Documents\Komputer_kopia zapasowa,ale po 1 próbie zmian.reg 2024-05-26 02:37 - 2024-05-26 02:37 - 000074000 _____ C:\Users\Users\Documents\Winlogon_kopia, ale po 1 próbie zmian.reg 2024-05-26 01:26 - 2024-05-26 01:26 - 000562169 _____ C:\Users\Users\Downloads\ANNA-DESKTOP-RT.zip 2024-05-26 01:19 - 2024-05-30 16:24 - 007741820 _____ C:\Users\Users\Downloads\ANNA-DESKTOP-RT.arn 2024-05-26 01:16 - 2024-05-26 01:16 - 000000000 ____D C:\Users\Users\Downloads\Autoruns 2024-05-26 01:14 - 2024-05-26 01:14 - 002932380 _____ C:\Users\Users\Downloads\Autoruns.zip 2024-05-25 23:52 - 2024-05-25 23:52 - 000000000 ____D C:\Users\Users\AppData\Local\D3DSCache 2024-05-25 23:34 - 2024-05-25 23:34 - 007292915 _____ C:\Users\Users\Downloads\DALMIERZ LASEROWY z Temu - instrukcja (1).pdf 2024-05-25 23:12 - 2024-05-25 23:12 - 000046224 _____ C:\Users\Users\Downloads\DALMIERZ LASEROWY z Temu - instrukcja txt.txt 2024-05-25 23:10 - 2024-05-25 23:10 - 000046830 _____ C:\Users\Users\Downloads\Zdjęcie Na Tekst - txt - cardscanner.co.zip 2024-05-25 19:55 - 2024-05-26 03:00 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\Szablony 2024-05-25 19:55 - 2024-05-26 01:54 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\Word 2024-05-25 19:55 - 2024-05-25 23:54 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\UProof 2024-05-25 19:55 - 2024-05-25 19:55 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\Sprawdzanie 2024-05-25 19:55 - 2024-05-25 19:55 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\Office 2024-05-25 19:55 - 2024-05-25 19:55 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\Document Building Blocks 2024-05-25 19:14 - 2024-05-25 19:07 - 007205330 _____ C:\Users\Users\Downloads\DALMIERZ LASEROWY z Temu - instrukcja.pdf 2024-05-25 18:24 - 2024-05-25 18:24 - 000000000 ____D C:\AdwCleaner 2024-05-25 17:32 - 2024-05-25 17:32 - 000066560 _____ C:\Windows\dm_batch.bak 2024-05-25 17:32 - 2024-05-25 17:32 - 000000032 _____ C:\Windows\dm.dmap 2024-05-25 17:28 - 2024-05-25 22:50 - 000000000 ____D C:\Program Files\IM-Magic 2024-05-25 17:13 - 2024-05-25 17:13 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\MMC 2024-05-24 21:20 - 2024-05-24 21:20 - 000000000 ____D C:\Users\Users\AppData\Local\.marble 2024-05-24 20:34 - 2024-05-24 20:34 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2024-05-24 20:29 - 2024-05-24 20:29 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf 2024-05-24 20:29 - 2024-05-24 20:29 - 000000000 ____D C:\Program Files\DellTPad 2024-05-24 20:24 - 2024-05-24 20:24 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ST_Accel_01011.Wdf 2024-05-24 20:24 - 2024-05-24 20:24 - 000000000 ____D C:\Program Files\STMicroelectronics 2024-05-24 20:24 - 2024-05-24 20:24 - 000000000 ____D C:\Program Files\DIFX 2024-05-24 20:24 - 2016-10-07 06:37 - 000030352 _____ (ST Microelectronics) C:\Windows\system32\Drivers\stdcfltn.sys 2024-05-24 20:24 - 2015-06-30 04:37 - 000042208 _____ C:\Windows\system32\Drivers\MbmDeviceFilter.sys 2024-05-24 19:48 - 2024-05-24 19:48 - 000002202 _____ C:\Users\Public\Desktop\ArCADia-TERMOCAD 10.2.lnk 2024-05-24 19:48 - 2024-05-24 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArCADia-TERMOCAD 10.2 (64-bit) 2024-05-24 19:44 - 2024-05-24 21:10 - 000000000 ____D C:\Program Files\ArCADiasoft 2024-05-24 19:44 - 2024-05-24 19:48 - 000000000 ___RD C:\Users\Public\Documents\ArCADiasoft 2024-05-24 18:18 - 2024-05-24 18:18 - 000000000 ____D C:\Windows\system32\appmgmt 2024-05-23 21:32 - 2024-05-30 16:26 - 000000000 ____D C:\FRST 2024-05-23 21:30 - 2024-05-30 16:03 - 002395136 _____ (Farbar) C:\Users\Users\Downloads\FRST64.exe 2024-05-21 19:39 - 2024-05-21 19:39 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-05-30 16:10 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2024-05-30 16:07 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-05-30 16:05 - 2023-06-05 21:48 - 000000000 __SHD C:\Users\Users\IntelGraphicsProfiles 2024-05-30 16:04 - 2023-02-20 14:24 - 000008192 ___SH C:\DumpStack.log.tmp 2024-05-30 16:04 - 2023-02-20 14:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-05-30 16:04 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2024-05-30 16:02 - 2023-06-05 18:17 - 000003804 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001UA{BA493BBB-A81B-407F-85E0-5A82A7BB083D} 2024-05-30 16:02 - 2023-06-05 18:17 - 000003710 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2385923311-781784147-3047078187-1001Core{6A575FAB-8E5F-4124-AEB9-6ACF1044FD8A} 2024-05-30 16:02 - 2023-04-13 16:52 - 000003122 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2385923311-781784147-3047078187-1001 2024-05-30 16:02 - 2023-02-20 14:25 - 000003554 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-05-30 16:02 - 2023-02-20 14:25 - 000003330 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-05-30 16:01 - 2023-02-20 14:38 - 000002918 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2385923311-781784147-3047078187-1001 2024-05-30 15:41 - 2023-06-22 19:37 - 000000000 ____D C:\Windows\SystemTemp 2024-05-30 15:41 - 2023-06-12 21:44 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-05-30 15:41 - 2023-06-12 21:44 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-05-30 15:40 - 2023-02-20 14:24 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-05-28 13:37 - 2023-02-20 14:33 - 000002423 _____ C:\Users\Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-05-27 10:36 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-05-27 10:31 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2024-05-27 10:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2024-05-26 02:54 - 2023-06-05 21:35 - 000000000 ____D C:\Users\Users\AppData\Roaming\Telegram Desktop 2024-05-26 02:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports 2024-05-26 02:21 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2024-05-25 21:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2024-05-25 20:00 - 2023-04-13 10:48 - 000000000 ____D C:\Users\Users\AppData\Roaming\Microsoft\Excel 2024-05-25 19:54 - 2024-04-26 19:29 - 000000000 ____D C:\Users\Users\Downloads\Telegram Desktop 2024-05-25 16:24 - 2023-04-13 16:49 - 000000000 ____D C:\Users\Users\AppData\Roaming\GHISLER 2024-05-25 16:03 - 2023-02-20 14:26 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-05-24 21:03 - 2024-04-26 00:02 - 000000000 ____D C:\Users\Users\AppData\Roaming\Common 2024-05-24 20:34 - 2023-06-22 19:45 - 000000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2024-05-24 20:32 - 2023-02-20 14:35 - 001678234 _____ C:\Windows\system32\PerfStringBackup.INI 2024-05-24 20:32 - 2019-12-07 17:09 - 000748784 _____ C:\Windows\system32\perfh015.dat 2024-05-24 20:32 - 2019-12-07 17:09 - 000144494 _____ C:\Windows\system32\perfc015.dat 2024-05-24 20:26 - 2023-02-20 14:24 - 000464656 _____ C:\Windows\system32\FNTCACHE.DAT 2024-05-24 19:44 - 2024-04-25 23:18 - 000000000 ___RD C:\ProgramData\ArCADiasoft 2024-05-24 18:53 - 2023-02-20 14:34 - 000000000 ___SD C:\Users\Users\AppData\Roaming\Microsoft\Protect 2024-05-23 21:41 - 2023-02-20 14:34 - 000000000 ____D C:\Users\Users\AppData\Local\Packages 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\F12 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\F12 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz 2024-05-22 23:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Portable Devices 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2024-05-22 23:42 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents 2024-05-22 23:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2024-05-22 20:30 - 2023-02-20 14:25 - 000000000 ____D C:\Windows\system32\Drivers\wd 2024-05-21 20:45 - 2023-02-20 14:27 - 003017216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-05-21 20:18 - 2023-09-01 14:42 - 000000000 ____D C:\Program Files\RUXIM 2024-05-21 20:13 - 2023-06-22 17:59 - 000000000 ____D C:\Windows\system32\MRT 2024-05-21 20:09 - 2023-06-22 17:57 - 196465576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-05-21 19:58 - 2023-02-20 14:34 - 000000000 ____D C:\ProgramData\Packages 2024-05-21 19:39 - 2023-06-12 21:42 - 000000000 ____D C:\Program Files (x86)\Google ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================