Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Please analyze the FRST logs. [Solved]


  • This topic is locked This topic is locked

#1
piotrzyna

piotrzyna

    Member

  • Member
  • PipPip
  • 47 posts

I can't help myself. I don't know enough to handle myself. My laptop is working very slowly. Once, viruses and adware were removed, but the system is working very badly. Chrome pops up a lot of ads, popups. I also scanned OLD Timer - version 3.2.69.0, logs attached. Please help. My English is very poor.

 

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19-05-2021
Uruchomiony przez piotr (administrator)  DELL-INSPIRON-5 (Dell Inc. Inspiron 5567) (22-05-2022 17:40:47)
Uruchomiony z C:\Users\piotr\Desktop
Załadowane profile: piotr
Platform: Windows 10 Home Wersja 21H2 19044.1706 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHeciSvc.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(Piriform Software Ltd -> ) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
 
==================== Rejestr (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKU\S-1-5-21-2035300265-1235846444-584982049-1001\...\Run: [MicrosoftEdgeAutoLaunch_102D77BE86092CD11F3B00AB05EA0725] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2035300265-1235846444-584982049-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2035300265-1235846444-584982049-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.64\Installer\chrmstp.exe [2022-05-11] (Google LLC -> Google LLC)
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia <==== UWAGA
 
==================== Zaplanowane zadania (filtrowane) ============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
Task: {139C4B0E-4CA8-406D-AB03-CEF84FAF8825} - System32\Tasks\CCleanerSkipUAC - piotr => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1F61A219-D6A0-467A-AD4D-4A8BF5220858} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31F31E0B-1A82-42BE-AB01-D196D6283458} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4955C372-8AAD-4944-BDE7-6B0F9D877471} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe
Task: {5E256545-A759-40EC-8E91-0FC8ADA00552} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8892EA49-8EC9-476D-87CF-809259E72FA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8D2022ED-5019-4A7E-8C09-E309520CA93F} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {93289986-AEA9-4437-8208-E7CC1087822A} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\Windows\system32\AppListBackupLauncher.dll [92672 2022-04-27] (Microsoft Windows -> Microsoft Corporation)
Task: {94B7FC07-E1E6-4FF1-83FF-8863EDB723FC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
Task: {B0F60CCA-0E7C-42E8-A8EB-9A70288B2059} - System32\Tasks\GoogleUpdateTaskMachineUA{84D99F27-C4C5-42F4-A930-08F7F2242017} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-04-26] (Google LLC -> Google LLC)
Task: {B7912482-B1F2-4FA2-A475-758938F2C38E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {BA1E561E-DFE6-4DD6-8077-CEF3FA649003} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\piotr\AppData\Roaming\\sysinfotool\\sitool.exe <==== UWAGA
Task: {D47A54BC-A86E-428F-85AA-2271C78FF348} - System32\Tasks\GoogleUpdateTaskMachineCore{BF764763-43E7-494B-91C0-05B406D2ECE4} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-04-26] (Google LLC -> Google LLC)
Task: {E7F3A2B5-2DC0-45B6-88B2-1EE3814BB96E} - System32\Tasks\update-S-1-5-21-2035300265-1235846444-584982049-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
 
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
 
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2035300265-1235846444-584982049-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3ba2c42f-9f6f-4a73-a228-c2e7b52d640c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7157c896-f0bb-4b4e-8755-89d51114dd64}: [DhcpNameServer] 192.168.0.1
 
Edge: 
=======
Edge Profile: C:\Users\piotr\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-22]
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\piotr\AppData\Local\Google\Chrome\User Data\Default [2022-05-22]
CHR Notifications: Default -> hxxps://www.dobreprogramy.pl
CHR Extension: (Tłumacz Google) - C:\Users\piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-04-27]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-27]
 
==================== Usługi (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [789744 2022-05-11] (Piriform Software Ltd -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-27] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Sterowniki (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24968 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [42456 2021-09-29] (Dell Inc -> OSR Open Systems Resources, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-04-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [443664 2022-04-27] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-27] (Microsoft Windows -> Microsoft Corporation)
S3 7ByteIo; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4\SysInfoX64.sys [X]
S3 MpKslb81161c8; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F03CEBF3-DEAC-4129-A5DF-3CFC61D49F10}\MpKslDrv.sys [X]
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc (utworzone) (filtrowane) =========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2022-05-22 17:40 - 2022-05-22 17:43 - 000011531 _____ C:\Users\piotr\Desktop\FRST.txt
2022-05-22 17:39 - 2022-05-22 17:41 - 000000000 ____D C:\FRST
2022-05-22 17:35 - 2022-05-22 17:35 - 002299904 _____ (Farbar) C:\Users\piotr\Desktop\FRST64.exe
2022-05-22 16:47 - 2022-05-22 16:47 - 000844350 _____ C:\Users\piotr\Desktop\OTL.Txt full scan.Txt
2022-05-22 16:31 - 2022-05-22 16:31 - 000228560 _____ C:\Users\piotr\Desktop\OTL.Txt
2022-05-22 16:30 - 2022-05-22 16:30 - 000049766 _____ C:\Users\piotr\Downloads\Extras.Txt
2022-05-22 16:24 - 2022-05-22 16:46 - 000844350 _____ C:\Users\piotr\Downloads\OTL.Txt
2022-05-22 15:20 - 2022-05-22 15:20 - 000602112 _____ (OldTimer Tools) C:\Users\piotr\Downloads\OTL.exe
2022-05-22 12:05 - 2022-05-22 12:05 - 001335600 _____ () C:\Users\piotr\Downloads\otl-3-2-70-2-ks_v0.69.361.736.1.exe
2022-05-22 10:37 - 2022-05-22 10:37 - 001335600 _____ () C:\Users\piotr\Downloads\otl-3-2-70-2-ks_v0.693.61.736.1.exe
2022-05-22 10:05 - 2022-05-22 10:12 - 000000000 ____D C:\Users\piotr\AppData\Local\AnVir
2022-05-22 10:03 - 2022-05-22 10:03 - 004482760 _____ C:\Users\piotr\Downloads\taskfree.exe
2022-05-22 10:03 - 2022-05-22 10:03 - 003029920 _____ C:\Users\piotr\Downloads\SecurityTaskManager_Setup.exe
2022-05-22 10:01 - 2022-05-22 10:02 - 001306376 _____ () C:\Users\piotr\Downloads\anvir-task-manager-6628576401843841-AsystentPobierania_v1.04.97.23.49.3.exe
2022-05-21 06:22 - 2022-05-21 06:22 - 000000000 ____D C:\ProgramData\Piriform
2022-05-21 06:19 - 2022-05-21 06:19 - 000022326 _____ C:\Users\piotr\Documents\duplicate.txt
2022-05-21 06:08 - 2022-05-21 06:08 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-05-21 05:56 - 2022-05-22 15:26 - 000000000 ____D C:\Program Files\CCleaner
2022-05-21 05:56 - 2022-05-21 05:56 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - piotr
2022-05-21 05:56 - 2022-05-21 05:56 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-05-21 05:56 - 2022-05-21 05:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-05-17 08:18 - 2022-05-17 08:18 - 002215217 _____ C:\Users\piotr\Downloads\32pfl5322_10_dfu_pol.pdf
2022-05-17 08:18 - 2022-05-17 08:18 - 002215217 _____ C:\Users\piotr\Downloads\32pfl5322_10_dfu_pol (1).pdf
2022-05-16 08:10 - 2022-05-16 08:10 - 000001527 _____ C:\Windows\system32\config\VSMIDK
2022-05-16 06:55 - 2022-05-16 06:56 - 001577599 _____ C:\Users\piotr\Downloads\Victoria537.zip
2022-05-15 21:56 - 2022-05-15 21:56 - 000000000 ____D C:\Users\piotr\AppData\Roaming\FastStone
2022-05-15 21:56 - 2022-05-15 21:56 - 000000000 ____D C:\Users\piotr\AppData\Local\FastStone
2022-05-15 21:53 - 2022-05-15 21:53 - 004724368 _____ (FastStone Corporation) C:\Users\piotr\Downloads\FSCaptureSetup96.exe
2022-05-15 21:48 - 2022-05-22 11:53 - 000000420 _____ C:\Windows\Tasks\update-sys.job
2022-05-15 21:48 - 2022-05-22 11:53 - 000000420 _____ C:\Windows\Tasks\update-S-1-5-21-2035300265-1235846444-584982049-1001.job
2022-05-15 21:48 - 2022-05-22 09:37 - 000003112 _____ C:\Windows\system32\Tasks\update-S-1-5-21-2035300265-1235846444-584982049-1001
2022-05-15 21:48 - 2022-05-22 09:37 - 000002860 _____ C:\Windows\system32\Tasks\update-sys
2022-05-15 21:48 - 2022-05-15 21:51 - 000000059 _____ C:\Users\piotr\AppData\Local\UserProducts.xml
2022-05-15 21:47 - 2022-05-15 21:51 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2022-05-15 21:45 - 2022-05-15 21:47 - 002786328 _____ (Skillbrains ) C:\Users\piotr\Downloads\setup-lightshot.exe
2022-05-15 20:21 - 2022-05-15 20:21 - 000001063 _____ C:\Users\piotr\Documents\Hot CPU.TXT
2022-05-15 20:21 - 2022-05-15 20:21 - 000001063 _____ C:\Users\piotr\Documents\Analiza  Hot CPU.TXT
2022-05-15 14:18 - 2022-05-15 14:18 - 000000000 ____D C:\ProgramData\eSellerate
2022-05-15 14:16 - 2022-05-15 14:16 - 001752848 _____ C:\Users\piotr\Downloads\Hot_CPU_Tester_Pro_4.41Full.rar
2022-05-15 14:09 - 2022-05-15 14:12 - 000000000 ____D C:\Users\piotr\AppData\Roaming\SysInfoTool
2022-05-15 14:09 - 2022-05-15 14:09 - 000000000 ____D C:\Users\piotr\Desktop\Hot CPU Tester Pro 4.4.1
2022-05-15 14:08 - 2022-05-15 14:08 - 000690751 _____ C:\Users\piotr\Downloads\Hot CPU Tester Pro 4.4.1.zip
2022-05-15 14:03 - 2022-05-15 14:03 - 000000150 _____ C:\Users\piotr\Downloads\Hot CPU Tester Pro_4.4.1_Crack.txt
2022-05-15 14:00 - 2022-05-15 14:00 - 001478440 _____ () C:\Users\piotr\Downloads\hot-cpu-tester-pro-lite-edition-4-4-1-ks_v1.09.174.03.16.exe
2022-05-15 12:38 - 2022-05-15 12:38 - 000000000 _____ C:\HCT8197.tmp
2022-05-15 12:38 - 2022-05-15 12:38 - 000000000 _____ C:\HCT8186.tmp
2022-05-15 12:38 - 2022-05-15 12:38 - 000000000 _____ C:\HCT8118.tmp
2022-05-15 12:38 - 2022-05-15 12:38 - 000000000 _____ C:\HCT8117.tmp
2022-05-15 12:36 - 2022-05-15 12:37 - 001874896 _____ C:\Users\piotr\Downloads\Hot CPU Tester Pro v4.1 Full (1).zip
2022-05-15 12:36 - 2022-05-15 12:36 - 001874896 _____ C:\Users\piotr\Downloads\Hot CPU Tester Pro v4.1 Full.zip
2022-05-15 11:36 - 2022-05-15 11:55 - 000000000 ____D C:\Windows\LastGood
2022-05-15 11:03 - 2022-05-15 11:07 - 012362680 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-Chipset-Device-Software_5MPRF_WIN_10.1.18121.8164_A09 (1).EXE
2022-05-15 11:02 - 2022-05-15 11:04 - 243886048 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-Management-Engine-Interface-Driver_7PDHK_WIN_2105.15.0.2157_A08 (1).EXE
2022-05-15 11:02 - 2022-05-15 11:03 - 063511848 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-3165-and-7265-Wi-Fi-Driver_236GY_WIN_21.110.2.1_A12_03 (1).EXE
2022-05-15 11:02 - 2022-05-15 11:03 - 055637736 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-3165-and-7265-Bluetooth-Driver_996KG_WIN_21.110.0.3_A11_03 (1).EXE
2022-05-15 10:31 - 2022-05-15 10:31 - 000004536 _____ C:\Users\piotr\Downloads\netcfg_2022-05-15_10-31-38.dat
2022-05-15 10:24 - 2022-05-15 10:24 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2022-05-15 09:14 - 2022-05-15 09:14 - 001053600 _____ (ESET) C:\Users\piotr\Downloads\ESETUninstaller.exe
2022-05-15 08:40 - 2022-05-15 08:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-05-14 21:30 - 2022-05-14 21:31 - 001791728 _____ (7Byte Computers ) C:\Users\piotr\Downloads\hotcpu.exe
2022-05-14 20:44 - 2022-05-14 20:59 - 000019183 _____ C:\Users\piotr\Documents\cpuz.cvf
2022-05-14 20:21 - 2022-05-14 20:21 - 000295119 _____ C:\Users\piotr\Documents\bios.txt
2022-05-14 20:21 - 2022-05-14 20:21 - 000062106 _____ C:\Users\piotr\Documents\DELL-INSPIRON-5.txt
2022-05-14 20:20 - 2022-05-14 20:20 - 000000250 _____ C:\Users\piotr\Documents\vbios.txt
2022-05-14 20:02 - 2022-05-14 20:04 - 002117608 _____ (CPUID, Inc. ) C:\Users\piotr\Downloads\cpu-z_2.01-en.exe
2022-05-14 19:16 - 2022-05-14 19:17 - 000000206 _____ C:\Windows\system32\list
2022-05-14 16:03 - 2022-05-14 16:03 - 006351832 _____ (Intel) C:\Users\piotr\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2022-05-14 13:01 - 2022-05-14 13:01 - 000000112 ___SH C:\bootTel.dat
2022-05-14 11:46 - 2022-05-14 11:47 - 008760207 _____ C:\Users\piotr\Downloads\memtest86-usb.zip
2022-05-14 09:48 - 2022-05-14 09:49 - 006705440 _____ (EnigmaSoft Limited) C:\Users\piotr\Downloads\SpyHunter-5.10-5-6614-Installer.exe
2022-05-14 09:12 - 2022-05-14 09:13 - 271846632 _____ (Malwarebytes) C:\Users\piotr\Downloads\mb4-setup-consumer-4.5.9.198-1.0.1676-1.0.54594.exe
2022-05-14 08:22 - 2022-05-14 08:22 - 001316704 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2022-05-14 08:22 - 2022-05-14 08:22 - 000011799 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-05-14 08:21 - 2022-05-14 08:21 - 001828984 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2022-05-14 08:21 - 2022-05-14 08:21 - 001396624 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2022-05-14 08:21 - 2022-05-14 08:21 - 000445952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2022-05-14 08:20 - 2022-05-14 08:20 - 000590848 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2022-05-14 08:00 - 2022-05-14 08:09 - 000000000 ____D C:\Users\piotr\AppData\Local\ChemTable Software
2022-05-14 07:39 - 2022-05-14 07:39 - 000000000 ___HD C:\$WinREAgent
2022-05-13 23:06 - 2022-05-15 10:15 - 000001394 _____ C:\Users\piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-05-13 23:06 - 2022-05-13 23:06 - 015274968 _____ (ESET) C:\Users\piotr\Downloads\esetonlinescanner.exe
2022-05-13 23:03 - 2022-05-13 23:04 - 000260928 _____ (AVAST Software) C:\Users\piotr\Downloads\avast_free_antivirus_setup_online.exe
2022-05-13 17:29 - 2022-05-13 17:29 - 000000266 __RSH C:\ProgramData\ntuser.pol
2022-05-13 17:29 - 2022-05-13 17:29 - 000000000 ____D C:\Users\piotr\AppData\Local\Rufus
2022-05-13 17:26 - 2022-05-13 17:26 - 001380936 _____ (Akeo Consulting) C:\Users\piotr\Downloads\rufus-3.18.exe
2022-05-13 16:51 - 2022-05-13 16:51 - 009537448 _____ (Martin Malik - REALiX ) C:\Users\piotr\Downloads\hwi_622.exe
2022-05-13 16:15 - 2022-05-13 16:30 - 000000000 _____ C:\Recovery.txt
2022-05-13 14:34 - 2022-05-13 14:34 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2022-05-11 18:33 - 2022-05-11 18:33 - 000002261 _____ C:\Users\piotr\Desktop\bar ukrainka.txt
2022-05-11 18:32 - 2022-05-11 18:32 - 000002261 _____ C:\Users\piotr\Desktop\Dokument.txt
2022-05-11 16:54 - 2022-05-15 11:40 - 000000000 ____D C:\Users\piotr\AppData\Local\ElevatedDiagnostics
2022-05-11 16:24 - 2022-05-21 05:59 - 000000000 ____D C:\Users\piotr\AppData\Local\CrashDumps
2022-05-11 15:40 - 2022-05-11 15:40 - 000749803 _____ C:\Users\piotr\Downloads\speedyfox.zip
2022-05-11 15:40 - 2022-05-11 15:40 - 000000000 ____D C:\Users\piotr\AppData\Roaming\CrystalIdea Software
2022-05-11 12:01 - 2022-05-11 12:01 - 048796504 _____ (Piriform Software Ltd) C:\Users\piotr\Downloads\ccsetup592 (1).exe
2022-05-10 15:16 - 2022-05-10 15:16 - 000019766 _____ C:\Users\piotr\Downloads\xKartka2018-2-678x381.jpg.pagespeed.ic.NWxpxc4ypk.webp
2022-05-09 18:24 - 2022-05-09 18:24 - 000742785 _____ C:\Users\piotr\Downloads\care-hands-with-ukraine-flag-heart-shape.zip
2022-05-09 18:15 - 2022-05-11 21:37 - 000000000 ____D C:\Users\piotr\Desktop\obrazy bar ukrainka
2022-05-07 18:18 - 2022-05-07 18:18 - 002437243 _____ C:\Users\piotr\Downloads\kadence.1.1.18 (1).zip
2022-05-07 18:11 - 2022-05-07 18:12 - 002437243 _____ C:\Users\piotr\Downloads\kadence.1.1.18.zip
2022-05-07 16:10 - 2022-05-07 16:10 - 008315390 _____ C:\Users\piotr\Downloads\wordpress_nicepage_plugin-4.10.5.zip
2022-04-28 20:07 - 2022-04-28 20:07 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-04-28 19:51 - 2022-04-28 20:03 - 000000000 ____D C:\Windows\SysWOW64\directx
2022-04-28 19:51 - 2022-04-28 19:59 - 000000000 ___HD C:\Windows\msdownld.tmp
2022-04-28 19:35 - 2022-04-28 19:35 - 000000000 ____D C:\Users\piotr\Documents\Dell
2022-04-28 19:26 - 2022-04-28 19:26 - 000706168 _____ (Dell Inc.) C:\Users\piotr\Downloads\SupportAssistLauncher (2).exe
2022-04-28 18:51 - 2022-04-28 18:52 - 455874496 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-HD-Graphics-Driver_2V61R_WIN_27.20.100.9664_A19 (1).EXE
2022-04-28 18:50 - 2022-04-28 18:50 - 000706168 _____ (Dell Inc.) C:\Users\piotr\Downloads\SupportAssistLauncher (1).exe
2022-04-28 16:40 - 2021-07-09 20:36 - 001859632 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-04-28 16:40 - 2021-07-09 20:36 - 001859632 _____ C:\Windows\system32\vulkaninfo.exe
2022-04-28 16:40 - 2021-07-09 20:36 - 001440304 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-04-28 16:40 - 2021-07-09 20:36 - 001440304 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-04-28 16:40 - 2021-07-09 20:36 - 001102328 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-04-28 16:40 - 2021-07-09 20:36 - 001102328 _____ C:\Windows\system32\vulkan-1.dll
2022-04-28 16:40 - 2021-07-09 20:36 - 000956432 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-04-28 16:40 - 2021-07-09 20:36 - 000956432 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-04-28 16:40 - 2021-07-09 20:36 - 000614216 _____ C:\Windows\system32\ze_tracing_layer.dll
2022-04-28 16:40 - 2021-07-09 20:36 - 000429920 _____ C:\Windows\system32\ze_loader.dll
2022-04-28 16:40 - 2021-07-09 20:36 - 000145768 _____ C:\Windows\system32\ze_validation_layer.dll
2022-04-28 16:39 - 2021-07-09 20:37 - 000309680 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll
2022-04-28 16:39 - 2021-07-09 20:37 - 000257096 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll
2022-04-28 16:39 - 2021-07-09 20:36 - 026671968 _____ (Intel Corporation) C:\Windows\system32\mfxplugin64_hw.dll
2022-04-28 16:39 - 2021-07-09 20:36 - 013499232 _____ (Intel Corporation) C:\Windows\SysWOW64\mfxplugin32_hw.dll
2022-04-28 16:39 - 2021-07-09 20:36 - 000507744 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-04-28 16:39 - 2021-07-09 20:36 - 000370528 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-04-28 16:39 - 2021-07-09 20:36 - 000173096 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll
2022-04-28 16:39 - 2021-07-09 20:36 - 000148384 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll
2022-04-28 16:39 - 2021-07-09 20:35 - 000354664 _____ C:\Windows\system32\ControlLib.dll
2022-04-28 15:56 - 2022-04-28 15:56 - 000000000 ____D C:\Users\piotr\Intel
2022-04-28 15:52 - 2022-04-28 15:52 - 000000016 _____ C:\ProgramData\mntemp
2022-04-28 15:48 - 2022-04-28 15:49 - 026295768 _____ (Gavrila MARTAU ) C:\Users\piotr\Downloads\Total-Uninstall-Setup-7.3.0.exe
2022-04-28 14:40 - 2022-05-14 08:43 - 000258584 _____ C:\Windows\system32\FNTCACHE.DAT
2022-04-28 13:57 - 2022-04-28 14:25 - 000000000 ____D C:\Program Files (x86)\Wise
2022-04-28 13:25 - 2022-04-28 13:26 - 017296688 _____ (WiseCleaner.com ) C:\Users\piotr\Downloads\WiseCare365_6.2.2.608.exe
2022-04-28 13:20 - 2022-04-28 13:20 - 000000000 ____D C:\Users\piotr\AppData\Local\CEF
2022-04-28 13:19 - 2022-04-28 13:20 - 000000000 ____D C:\Windows\system32\gf2engine
2022-04-28 13:15 - 2022-04-28 13:15 - 001180736 _____ (AVG Technologies) C:\Users\piotr\Downloads\avg_tuneup_online_setup.exe
2022-04-28 12:29 - 2022-04-28 13:09 - 000000000 ____D C:\ProgramData\Glarysoft
2022-04-28 12:27 - 2022-04-28 13:09 - 000000000 ____D C:\Users\piotr\AppData\Roaming\GlarySoft
2022-04-28 12:27 - 2022-04-28 12:27 - 000000000 ____D C:\Users\piotr\AppData\Roaming\DiskDefrag
2022-04-28 12:23 - 2022-04-28 12:23 - 020590616 _____ (Glarysoft Ltd) C:\Users\piotr\Downloads\gu5setup.exe
2022-04-28 11:39 - 2022-04-28 11:39 - 000000000 ____D C:\Users\piotr\AppData\Local\OO Software
2022-04-28 11:37 - 2022-04-28 11:37 - 001604008 _____ (O&O Software GmbH) C:\Users\piotr\Downloads\OOSU10.exe
2022-04-27 23:40 - 2022-04-27 23:40 - 000001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2022-04-27 23:40 - 2022-04-27 23:40 - 000000000 ____D C:\Program Files\Waves
2022-04-27 23:38 - 2022-04-27 23:41 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2022-04-27 23:33 - 2020-02-17 23:36 - 024942088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 024161688 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 024063104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRender64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 007272536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2022-04-27 23:33 - 2020-02-17 23:36 - 003793640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioMeters64.exe
2022-04-27 23:33 - 2020-02-17 23:36 - 003769296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 003676960 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2022-04-27 23:33 - 2020-02-17 23:36 - 003353720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 003159672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 002930048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 001353216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 000692056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 000575080 _____ (Intel Corporation) C:\Windows\system32\tbb_waves.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 000343600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 000240024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 000200600 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 000192872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2022-04-27 23:33 - 2020-02-17 23:36 - 000023584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2022-04-27 23:33 - 2020-02-17 23:22 - 038528612 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2022-04-27 23:33 - 2020-02-17 23:22 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2022-04-27 22:37 - 2022-04-27 22:41 - 048787808 _____ (Piriform Software Ltd) C:\Users\piotr\Downloads\ccsetup592.exe
2022-04-27 22:35 - 2022-04-27 22:36 - 000231618 _____ C:\Users\piotr\Downloads\FixWin10.zip
2022-04-27 22:34 - 2022-04-27 22:35 - 000214374 _____ C:\Users\piotr\Downloads\UWT4.zip
2022-04-27 22:06 - 2022-04-27 22:06 - 000003656 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-04-27 22:06 - 2022-04-27 22:06 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2022-04-27 21:59 - 2022-04-27 21:59 - 080203776 _____ C:\Windows\system32\config\SOFTWARE.iobit
2022-04-27 21:59 - 2022-04-27 21:59 - 000425984 _____ C:\Windows\system32\config\DEFAULT.iobit
2022-04-27 21:59 - 2022-04-27 21:59 - 000081920 _____ C:\Windows\system32\config\SAM.iobit
2022-04-27 21:59 - 2022-04-27 21:59 - 000028672 _____ C:\Windows\system32\config\SECURITY.iobit
2022-04-27 20:04 - 2021-05-17 09:50 - 002875968 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2022-04-27 19:54 - 2022-04-27 22:46 - 000000000 ____D C:\Users\piotr\AppData\Local\mbam
2022-04-27 19:45 - 2022-04-27 19:53 - 000000000 ____D C:\Users\piotr\Downloads\Driver Pack for Intel NUC M15 Laptop Kit-Win10_Win11-Februrary 2022-1.2
2022-04-27 19:23 - 2022-04-27 19:30 - 278313192 _____ (Malwarebytes) C:\Users\piotr\Downloads\mb4-setup-consumer-4.5.8.191-1.0.1666-1.0.53967.exe
2022-04-27 19:00 - 2022-04-27 19:00 - 000000000 ____D C:\Users\piotr\AppData\LocalLow\iTop Screen Recorder
2022-04-27 18:58 - 2022-04-27 18:59 - 000000000 ____D C:\Users\piotr\AppData\Roaming\iTop Screenshot
2022-04-27 18:50 - 2022-04-27 19:32 - 000000000 ____D C:\ProgramData\{150F4013-6884-4350-8DDC-6BFCB4C5DC15}
2022-04-27 18:48 - 2022-05-14 08:22 - 000000000 ____D C:\ProgramData\iTop
2022-04-27 18:48 - 2022-04-27 19:01 - 000000000 ____D C:\Users\piotr\AppData\Roaming\iTop Screen Recorder
2022-04-27 18:28 - 2022-04-27 18:28 - 000000000 ____D C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B}
2022-04-27 18:27 - 2022-05-14 08:25 - 000000000 ____D C:\ProgramData\ProductData
2022-04-27 18:25 - 2022-04-27 18:25 - 000000000 ____D C:\Users\piotr\AppData\Roaming\WinRAR
2022-04-27 18:24 - 2022-05-14 08:19 - 000000000 ____D C:\ProgramData\IObit
2022-04-27 18:24 - 2022-05-14 08:16 - 000000000 ____D C:\Program Files (x86)\IObit
2022-04-27 18:24 - 2022-04-27 22:06 - 000000000 ____D C:\Users\piotr\AppData\LocalLow\IObit
2022-04-27 18:23 - 2022-05-14 09:08 - 000000000 ____D C:\Users\piotr\AppData\Roaming\IObit
2022-04-27 17:02 - 2022-04-27 17:02 - 000000000 ____D C:\Users\piotr\AppData\Roaming\Waves Audio
2022-04-27 16:23 - 2022-04-27 23:41 - 000000000 ____D C:\Windows\system32\RTCOM
2022-04-27 16:13 - 2022-04-28 16:35 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-04-27 16:08 - 2022-04-28 16:35 - 000000000 ____D C:\Program Files (x86)\Realtek
2022-04-27 16:08 - 2022-04-27 23:42 - 000000000 ___HD C:\Program Files (x86)\Temp
2022-04-27 16:08 - 2022-04-27 23:27 - 000019632 _____ C:\Windows\SysWOW64\RtkMsgs.dll
2022-04-27 16:08 - 2022-04-27 16:08 - 000000000 ____D C:\Dell
2022-04-27 16:01 - 2022-04-27 16:01 - 000024968 _____ (Dell) C:\Windows\system32\Drivers\DBUtilDrv2.sys
2022-04-27 15:53 - 2022-04-27 15:53 - 000000000 ____D C:\Users\piotr\AppData\Roaming\Intel Corporation
2022-04-27 15:46 - 2022-05-15 12:12 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2022-04-27 15:45 - 2022-05-15 12:08 - 000000000 ____D C:\Program Files (x86)\Intel
2022-04-27 15:45 - 2022-04-27 15:45 - 000000000 ____D C:\Users\Default\AppData\Roaming\Intel Corporation
2022-04-27 15:45 - 2022-04-27 15:45 - 000000000 ____D C:\Program Files\Common Files\Intel Corporation
2022-04-27 15:25 - 2022-05-11 12:46 - 000000000 ____D C:\ProgramData\PCDr
2022-04-27 15:01 - 2022-04-27 15:01 - 000000000 ____D C:\ProgramData\Dell Inc
2022-04-27 15:00 - 2022-04-27 21:55 - 000003330 _____ C:\Windows\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2022-04-27 14:45 - 2017-06-02 09:48 - 002650328 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
2022-04-27 14:45 - 2017-06-02 09:48 - 001980632 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsDecode.dll
2022-04-27 14:45 - 2017-06-02 09:48 - 001132760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsMFT0.dll
2022-04-27 14:45 - 2017-06-02 09:48 - 000647136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamP64.dll
2022-04-27 14:45 - 2017-06-02 09:48 - 000561632 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamP.dll
2022-04-27 14:13 - 2022-04-27 14:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-27 14:12 - 2022-04-27 14:12 - 000000000 ____D C:\Windows\Firmware
2022-04-27 14:11 - 2022-05-15 12:09 - 000000000 ____D C:\Program Files\Intel
2022-04-27 13:47 - 2022-05-13 19:58 - 000000000 ____D C:\Windows\system32\MRT
2022-04-27 13:26 - 2022-04-27 13:26 - 000000000 ____D C:\Windows\SystemTemp
2022-04-27 12:25 - 2022-04-27 12:25 - 001328408 _____ C:\Windows\system32\FaceTrackerInternal.dll
2022-04-27 12:25 - 2022-04-27 12:25 - 001321984 _____ C:\Windows\system32\FaceProcessor.dll
2022-04-27 12:25 - 2022-04-27 12:25 - 000503576 _____ C:\Windows\system32\FaceProcessorCore.dll
2022-04-27 12:24 - 2022-04-27 12:24 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-04-27 12:24 - 2022-04-27 12:24 - 000444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2022-04-27 12:24 - 2022-04-27 12:24 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\g711codc.ax
2022-04-27 12:23 - 2022-04-27 12:23 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2022-04-27 12:23 - 2022-04-27 12:23 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-04-27 12:23 - 2022-04-27 12:23 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
2022-04-27 12:22 - 2022-04-27 12:22 - 000447488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2022-04-27 12:22 - 2022-04-27 12:22 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2022-04-27 12:22 - 2022-04-27 12:22 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2022-04-27 12:21 - 2022-04-27 12:21 - 002254336 _____ C:\Windows\system32\dwmscene.dll
2022-04-27 12:21 - 2022-04-27 12:21 - 000545792 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2022-04-27 12:21 - 2022-04-27 12:21 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2022-04-27 12:21 - 2022-04-27 12:21 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2022-04-27 12:20 - 2022-04-27 12:20 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-04-27 12:20 - 2022-04-27 12:20 - 000093696 _____ C:\Windows\system32\Drivers\cimfs.sys
2022-04-27 12:19 - 2022-04-27 12:19 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-04-27 12:19 - 2022-04-27 12:19 - 000272896 _____ C:\Windows\system32\TpmTool.exe
2022-04-27 12:19 - 2022-04-27 12:19 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2022-04-27 00:49 - 2022-04-27 00:50 - 015359952 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-Dynamic-Platform-and-Thermal-Framework_74P16_WIN_8.3.10209.6897_A12.EXE
2022-04-27 00:46 - 2022-04-27 00:54 - 195311304 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-8260-7265-3165-7260-3160-WiFi-Driver_PPHR1_WIN_19.60.0.7_A08_02.EXE
2022-04-27 00:46 - 2022-04-27 00:50 - 062708768 _____ (Dell Inc.) C:\Users\piotr\Downloads\Application_V03JV_WN32_10.17.19_A01.EXE
2022-04-27 00:46 - 2022-04-27 00:49 - 028194312 _____ (Dell Inc.) C:\Users\piotr\Downloads\Realtek-IR-Camera-Driver_TWVGH_WIN_10.0.14393.11242_A05_01.EXE
2022-04-27 00:46 - 2022-04-27 00:47 - 024155048 _____ (Dell Inc.) C:\Users\piotr\Downloads\Realtek-PCIe-Ethernet-Controller-Driver_6W6KV_WIN_2.43.2017.727_A14.EXE
2022-04-27 00:45 - 2022-04-27 00:57 - 490330584 _____ (Dell Inc.) C:\Users\piotr\Downloads\Realtek-High-Definition-Audio-Driver_MM88C_WIN_6.0.8895.1_A16.EXE
2022-04-27 00:45 - 2022-04-27 00:47 - 022086192 _____ (Dell Inc.) C:\Users\piotr\Downloads\Realtek-Memory-Card-Reader-Driver_66CVW_WIN_10.0.18362.31252_A03_02.EXE
2022-04-27 00:45 - 2022-04-27 00:46 - 012362680 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-Chipset-Device-Software_5MPRF_WIN_10.1.18121.8164_A09.EXE
2022-04-27 00:45 - 2022-04-27 00:45 - 011112864 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-Serial-IO-Driver_WVVGP_WIN_30.100.1943.2_A08_01.EXE
2022-04-27 00:44 - 2022-04-27 00:50 - 063511848 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-3165-and-7265-Wi-Fi-Driver_236GY_WIN_21.110.2.1_A12_03.EXE
2022-04-27 00:44 - 2022-04-27 00:50 - 055637736 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-3165-and-7265-Bluetooth-Driver_996KG_WIN_21.110.0.3_A11_03.EXE
2022-04-27 00:44 - 2022-04-27 00:49 - 243886048 _____ (Dell Inc.) C:\Users\piotr\Downloads\Intel-Management-Engine-Interface-Driver_7PDHK_WIN_2105.15.0.2157_A08.EXE
2022-04-27 00:31 - 2022-05-20 19:45 - 000000000 ____D C:\Users\piotr\AppData\Local\PlaceholderTileLogoFolder
2022-04-27 00:12 - 2022-04-27 00:12 - 000000000 ____D C:\Users\piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-04-27 00:12 - 2022-04-27 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-04-27 00:11 - 2022-04-27 00:12 - 000000000 ____D C:\Program Files\WinRAR
2022-04-27 00:04 - 2022-04-27 00:04 - 003669688 _____ (Alexander Roshal) C:\Users\piotr\Downloads\winrar-x64-611pl.exe
2022-04-27 00:01 - 2022-04-28 23:41 - 000000000 ____D C:\Windows\Panther
2022-04-27 00:01 - 2018-08-30 12:06 - 000069984 _____ (Intel Corporation) C:\Windows\system32\Drivers\dptf_cpu.sys
2022-04-27 00:00 - 2022-05-15 12:11 - 000000000 ____D C:\ProgramData\Package Cache
2022-04-27 00:00 - 2022-05-14 14:14 - 000000000 ____D C:\Program Files\dotnet
2022-04-27 00:00 - 2022-04-27 00:36 - 000000000 ____D C:\Program Files\Realtek
2022-04-27 00:00 - 2017-06-02 09:48 - 003224544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2022-04-27 00:00 - 2017-06-02 09:48 - 000104416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamO64.dll
2022-04-26 23:59 - 2022-04-26 23:59 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2022-04-26 23:59 - 2022-04-26 23:59 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_esif_lf_01011.Wdf
2022-04-26 23:59 - 2022-04-26 23:59 - 000000000 ____D C:\Windows\system32\Intel
2022-04-26 23:59 - 2018-08-30 12:06 - 000383328 _____ (Intel Corporation) C:\Windows\system32\Drivers\esif_lf.sys
2022-04-26 23:58 - 2022-05-15 10:54 - 000000000 ____D C:\ProgramData\Dell
2022-04-26 23:56 - 2022-04-26 23:56 - 000000000 ____D C:\Users\piotr\AppData\Local\Comms
2022-04-26 23:55 - 2022-05-15 12:11 - 000000000 ____D C:\ProgramData\Intel
2022-04-26 23:54 - 2022-05-22 15:13 - 000000000 __SHD C:\Users\piotr\IntelGraphicsProfiles
2022-04-26 23:54 - 2022-05-22 15:13 - 000000000 ____D C:\Intel
2022-04-26 23:54 - 2022-04-26 23:54 - 000000000 ____D C:\Users\piotr\AppData\LocalLow\Intel
2022-04-26 23:54 - 2022-04-26 23:54 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2022-04-26 23:50 - 2022-04-26 23:50 - 000706168 _____ (Dell Inc.) C:\Users\piotr\Downloads\SupportAssistLauncher.exe
2022-04-26 23:49 - 2022-05-11 15:25 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-26 23:49 - 2022-05-11 15:25 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-04-26 23:49 - 2022-04-27 15:56 - 000000000 ____D C:\Users\piotr\AppData\Local\Google
2022-04-26 23:48 - 2022-04-27 18:58 - 000000000 ____D C:\Program Files\Google
2022-04-26 23:47 - 2022-04-27 21:55 - 000003634 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{84D99F27-C4C5-42F4-A930-08F7F2242017}
2022-04-26 23:47 - 2022-04-27 21:55 - 000003410 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{BF764763-43E7-494B-91C0-05B406D2ECE4}
2022-04-26 23:45 - 2022-05-11 15:26 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-26 23:40 - 2022-04-26 23:40 - 001414600 _____ (Google LLC) C:\Users\piotr\Downloads\ChromeSetup.exe
2022-04-26 23:32 - 2022-04-26 23:32 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-04-26 23:30 - 2022-04-27 00:54 - 000000000 ____D C:\Users\piotr\AppData\Local\Publishers
2022-04-26 23:29 - 2022-05-19 07:44 - 000000000 ____D C:\Users\piotr\AppData\Local\Packages
2022-04-26 23:29 - 2022-05-15 13:45 - 000000000 ____D C:\Users\piotr\AppData\Local\VirtualStore
2022-04-26 23:29 - 2022-04-30 17:31 - 000000000 ____D C:\ProgramData\Packages
2022-04-26 23:29 - 2022-04-28 23:42 - 000000000 ____D C:\Users\piotr\AppData\Local\D3DSCache
2022-04-26 23:29 - 2022-04-27 00:09 - 000000000 ____D C:\Users\piotr\AppData\Local\ConnectedDevicesPlatform
2022-04-26 23:29 - 2022-04-26 23:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-04-26 23:29 - 2022-04-26 23:29 - 000000000 ___RD C:\Users\piotr\3D Objects
2022-04-26 23:29 - 2022-04-26 23:29 - 000000000 ____D C:\Users\piotr\AppData\Roaming\Adobe
2022-04-26 23:23 - 2022-05-22 11:52 - 000000000 ____D C:\Users\piotr
2022-04-26 23:23 - 2022-04-26 23:23 - 000000020 ___SH C:\Users\piotr\ntuser.ini
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\Ustawienia lokalne
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\Szablony
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\Moje dokumenty
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\Menu Start
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\Documents\Moje wideo
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\Documents\Moje obrazy
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\Documents\Moja muzyka
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\Dane aplikacji
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\AppData\Local\Tymczasowe pliki internetowe
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\AppData\Local\Historia
2022-04-26 23:23 - 2022-04-26 23:23 - 000000000 _SHDL C:\Users\piotr\AppData\Local\Dane aplikacji
2022-04-26 23:23 - 2018-08-30 12:06 - 000074584 _____ (Intel Corporation) C:\Windows\system32\Drivers\dptf_acpi.sys
2022-04-26 23:15 - 2022-05-21 06:51 - 001681656 _____ C:\Windows\system32\PerfStringBackup.INI
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Public\Documents\Moje wideo
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Public\Documents\Moje obrazy
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Public\Documents\Moja muzyka
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\Ustawienia lokalne
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\Szablony
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\Moje dokumenty
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\Menu Start
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\Documents\Moje wideo
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\Documents\Moje obrazy
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\Documents\Moja muzyka
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\Dane aplikacji
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\AppData\Local\Tymczasowe pliki internetowe
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historia
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\ProgramData\Szablony
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\ProgramData\Pulpit
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\ProgramData\Menu Start
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\ProgramData\Dokumenty
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\ProgramData\Dane aplikacji
2022-04-26 23:10 - 2022-04-26 23:10 - 000000000 _SHDL C:\Documents and Settings
2022-04-26 23:03 - 2022-05-22 15:13 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-04-26 23:03 - 2022-05-21 18:04 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-26 23:03 - 2022-05-21 18:04 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-26 23:03 - 2022-04-28 21:56 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-26 23:03 - 2022-04-28 21:56 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-26 23:03 - 2022-04-27 11:59 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-04-26 23:02 - 2022-05-22 16:09 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-04-26 23:02 - 2022-05-22 15:13 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-26 23:02 - 2022-04-26 23:02 - 000000000 ____D C:\Windows\ServiceProfiles
 
==================== Jeden miesiąc (zmodyfikowane) ==================
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2022-05-22 15:44 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-22 15:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-05-22 15:12 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-05-21 18:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-21 18:05 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-05-21 06:51 - 2019-12-07 17:08 - 000751294 _____ C:\Windows\system32\perfh015.dat
2022-05-21 06:51 - 2019-12-07 17:08 - 000145486 _____ C:\Windows\system32\perfc015.dat
2022-05-21 06:51 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-05-15 11:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2022-05-14 14:20 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-05-14 09:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-05-14 08:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-05-14 08:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-05-14 08:42 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-13 17:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2022-05-13 17:28 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2022-04-28 14:05 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\Downloaded Program Files
2022-04-27 14:11 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Drivers\DriverData
2022-04-27 13:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-04-27 13:27 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2022-04-27 13:27 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2022-04-27 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-04-27 13:26 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2022-04-27 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-04-27 11:11 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat
2022-04-27 00:11 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2022-04-27 00:01 - 2019-12-07 11:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2022-04-26 23:46 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2022-04-26 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-04-26 23:12 - 2019-12-07 17:10 - 000000000 ____D C:\Windows\system32\FxsTmp
2022-04-26 23:12 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\spool
2022-04-26 23:10 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2022-04-26 23:03 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
 
==================== Pliki w katalogu głównym wybranych folderów ========
 
2022-05-15 21:48 - 2022-05-15 21:48 - 000000003 _____ () C:\Users\piotr\AppData\Local\updater.log
2022-05-15 21:48 - 2022-05-15 21:51 - 000000059 _____ () C:\Users\piotr\AppData\Local\UserProducts.xml
 
==================== SigCheck ============================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
==================== Koniec  FRST.txt ========================
 
 
 
 
 
 
 
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 19-05-2021
Uruchomiony przez piotr (22-05-2022 17:51:24)
Uruchomiony z C:\Users\piotr\Desktop
Windows 10 Home Wersja 21H2 19044.1706 (X64) (2022-04-26 21:11:13)
Tryb startu: Normal
==========================================================
 
 
==================== Konta użytkowników: =============================
 
Administrator (S-1-5-21-2035300265-1235846444-584982049-500 - Administrator - Disabled)
Gość (S-1-5-21-2035300265-1235846444-584982049-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-2035300265-1235846444-584982049-503 - Limited - Disabled)
piotr (S-1-5-21-2035300265-1235846444-584982049-1001 - Administrator - Enabled) => C:\Users\piotr
WDAGUtilityAccount (S-1-5-21-2035300265-1235846444-584982049-504 - Limited - Disabled)
 
==================== Centrum zabezpieczeń ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Zainstalowane programy ======================
 
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
 
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 101.0.4951.64 - Google LLC)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2105.15.0.2157 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{c3964069-17c1-45dd-85a5-949576ceeaa3}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000110-0210-1045-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.53 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{8431b7d7-59d1-4f45-8212-a2eac049528f}) (Version: 19.60.0 - Intel Corporation)
Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel® Corporation)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.19.627.2017 - Realtek)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.)
WinRAR 6.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
 
Packages:
=========
Centrum sterowania grafiką Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-04-27] (INTEL CORP) [Startup Task]
Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-05-19] (Microsoft Corporation)
 
==================== Niestandardowe rejestracje CLSID (filtrowane): ==============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
CustomCLSID: HKU\S-1-5-21-2035300265-1235846444-584982049-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-2035300265-1235846444-584982049-1001_Classes\CLSID\{EF706AB3-1E0E-4C5B-A40F-023F0FA36E12}\localserver32 -> C:\Windows\System32\RunDll32.exe "C:\Program Files\Soft Organizer\Notifications.dll",Activate -ToastActivated => Brak pliku
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Brak pliku
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (filtrowane) ====================
 
==================== Skróty & WMI ========================
 
==================== Załadowane moduły (filtrowane) =============
 
2022-04-26 23:57 - 2022-04-26 23:57 - 042859520 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll
 
==================== Alternate Data Streams (filtrowane) ========
 
==================== Tryb awaryjny (filtrowane) ==================
 
==================== Powiązania plików (filtrowane) =================
 
==================== Internet Explorer (filtrowane) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
 
==================== Hosts - zawartość: =========================
 
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
 
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Inne obszary ===========================
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKU\S-1-5-21-2035300265-1235846444-584982049-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Zapora systemu Windows [funkcja włączona]
 
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKU\S-1-5-21-2035300265-1235846444-584982049-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2035300265-1235846444-584982049-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_102D77BE86092CD11F3B00AB05EA0725"
 
==================== Reguły Zapory systemu Windows (filtrowane) ================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
FirewallRules: [{9E6CF7BB-76C1-44CB-8F3E-2455EF02003B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Punkty Przywracania systemu =========================
 
30-04-2022 12:16:07 Instalator modułów systemu Windows
09-05-2022 06:51:53 Zaplanowany punkt kontrolny
11-05-2022 12:17:54 Removed Quickset64.
11-05-2022 12:23:58 Instalator modułów systemu Windows
11-05-2022 12:49:34 Removed Sprawdzanie kondycji komputera z systemem Windows
13-05-2022 19:58:36 Instalator modułów systemu Windows
13-05-2022 20:03:14 Instalator modułów systemu Windows
14-05-2022 07:02:31 Instalator modułów systemu Windows
14-05-2022 07:19:53 Instalator modułów systemu Windows
14-05-2022 07:40:12 Instalator modułów systemu Windows
15-05-2022 08:39:44 Installed Intel® Wireless Bluetooth®
15-05-2022 10:56:15 Intel® Trusted Connect Services Client
15-05-2022 11:25:59 Removed Intel® Wireless Bluetooth®
15-05-2022 11:35:46 Removed Intel® Wireless Bluetooth®
15-05-2022 11:54:17 Installed Intel® Wireless Bluetooth®
 
==================== Wadliwe urządzenia w Menedżerze urządzeń ============
 
 
==================== Błędy w Dzienniku zdarzeń: ========================
 
Dziennik Aplikacja:
==================
Error: (05/22/2022 03:23:58 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Usługa Windows Search nie może przetworzyć listy lokalizacji dołączonych i wykluczonych. Błąd: <30, 0x80040d07, „iehistory://{S-1-5-21-2035300265-1235846444-584982049-1001}/”>.
 
Error: (05/22/2022 03:22:48 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Usługa Windows Search nie może przetworzyć listy lokalizacji dołączonych i wykluczonych. Błąd: <30, 0x80040d07, „iehistory://{S-1-5-21-2035300265-1235846444-584982049-1001}/”>.
 
Error: (05/22/2022 03:06:10 PM) (Source: DPTF) (EventID: 17) (User: ZARZĄDZANIE NT)
Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 11592417 ms
 
DPTF Build Version:  8.6.10401.9906
DPTF Build Date:  Jun 14 2019 17:55:37
Source File:  c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79
Executing Function:  DomainWorkItem::writeDomainWorkItemErrorMessagePolicy
Message:  Unhandled exception caught during execution of work item
Framework Event:  DomainPowerControlCapabilityChanged [25]
Participant:  TCPU [2]
Domain:  Invalid [0]
Policy:  Passive Policy 2 [3]
Exception Function:  Policy::executeDomainPowerControlCapabilityChanged
Exception Text:  
invalid map<K, T> key
 
Error: (05/22/2022 09:36:34 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Usługa Windows Search nie może przetworzyć listy lokalizacji dołączonych i wykluczonych. Błąd: <30, 0x80040d07, „iehistory://{S-1-5-21-2035300265-1235846444-584982049-1001}/”>.
 
Error: (05/22/2022 09:35:29 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Usługa Windows Search nie może przetworzyć listy lokalizacji dołączonych i wykluczonych. Błąd: <30, 0x80040d07, „iehistory://{S-1-5-21-2035300265-1235846444-584982049-1001}/”>.
 
Error: (05/21/2022 06:46:24 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury QueryFullProcessImageNameW.  hr = 0x80070006, Nieprawidłowe dojście.
.
 
 
Operacja:
   Wykonywanie operacji asynchronicznej
 
Kontekst:
   Stan bieżący: DoSnapshotSet
 
Error: (05/21/2022 06:45:39 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu.
.
To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.
 
 
Operacja:
   Zbieranie danych modułu zapisującego
 
Kontekst:
   Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
   Nazwa modułu zapisującego: System Writer
   Identyfikator wystąpienia modułu zapisującego: {876f0f36-21cb-4d35-8687-e5909c6c4454}
 
Error: (05/21/2022 06:43:02 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Usługa Windows Search nie może przetworzyć listy lokalizacji dołączonych i wykluczonych. Błąd: <30, 0x80040d07, „iehistory://{S-1-5-21-2035300265-1235846444-584982049-1001}/”>.
 
 
Dziennik System:
=============
Error: (05/22/2022 09:26:22 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 09:13:22 na ‎22.‎05.‎2022 było nieoczekiwane.
 
Error: (05/21/2022 01:17:49 PM) (Source: DCOM) (EventID: 10010) (User: DELL-INSPIRON-5)
Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie.
 
Error: (05/21/2022 09:41:51 AM) (Source: Schannel) (EventID: 4103) (User: ZARZĄDZANIE NT)
Description: Wystąpił błąd krytyczny podczas tworzenia poświadczeń TLS klient. Stan błędu wewnętrznego: 10013.
 
Error: (05/18/2022 07:42:35 AM) (Source: Schannel) (EventID: 4103) (User: ZARZĄDZANIE NT)
Description: Wystąpił błąd krytyczny podczas tworzenia poświadczeń TLS klient. Stan błędu wewnętrznego: 10013.
 
Error: (05/18/2022 07:38:01 AM) (Source: Schannel) (EventID: 4103) (User: ZARZĄDZANIE NT)
Description: Wystąpił błąd krytyczny podczas tworzenia poświadczeń TLS klient. Stan błędu wewnętrznego: 10013.
 
Error: (05/17/2022 07:53:09 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 20:22:14 na ‎16.‎05.‎2022 było nieoczekiwane.
 
Error: (05/16/2022 04:34:25 PM) (Source: Schannel) (EventID: 4103) (User: ZARZĄDZANIE NT)
Description: Wystąpił błąd krytyczny podczas tworzenia poświadczeń TLS klient. Stan błędu wewnętrznego: 10013.
 
Error: (05/16/2022 04:34:15 PM) (Source: Schannel) (EventID: 4103) (User: ZARZĄDZANIE NT)
Description: Wystąpił błąd krytyczny podczas tworzenia poświadczeń TLS klient. Stan błędu wewnętrznego: 10013.
 
 
Windows Defender:
================
Date: 2022-05-21 19:31:25
Description: 
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {4E33B3CE-3222-4E51-A9E8-BDB24E82FE2E}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM
 
Date: 2022-05-21 09:43:24
Description: 
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {96376D0C-3A42-4671-9074-A8C1621F1A05}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM
 
Date: 2022-05-20 20:07:01
Description: 
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {2CE592C8-C6C4-473B-8145-2CF3E7B0A2D0}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM
 
Date: 2022-05-19 07:40:22
Description: 
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {844C5A37-9070-4CF5-A2A1-4E48C1B198A0}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM
 
Date: 2022-05-19 07:01:28
Description: 
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {56B3E65A-3CC6-4CB0-A6EB-66DAA0591F33}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM
 
Date: 2022-05-15 10:24:44
Description: 
Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się.
Funkcja: Przy dostępie
Kod błędu: 0x8007043c
Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym 
Przyczyna: Analiza zabezpieczeń dla oprogramowania chroniącego przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę.
 
Date: 2022-05-15 10:10:07
Description: 
Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się.
Funkcja: Przy dostępie
Kod błędu: 0x8007043c
Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym 
Przyczyna: Analiza zabezpieczeń dla oprogramowania chroniącego przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę.
 
Date: 2022-05-13 13:56:57
Description: 
Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń.
Nowa wersja analizy zabezpieczeń: 
Poprzednia wersja analizy zabezpieczeń: 1.363.1467.0
Źródło aktualizacji: Serwer usługi Microsoft Update
Typ analizy zabezpieczeń: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Bieżąca wersja aparatu: 
Poprzednia wersja aparatu: 1.1.19200.5
Kod błędu: 0x80240022
Opis błędu: Program nie może sprawdzić, czy są dostępne aktualizacje definicji. 
 
Date: 2022-05-13 13:40:47
Description: 
Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń.
Nowa wersja analizy zabezpieczeń: 
Poprzednia wersja analizy zabezpieczeń: 1.363.1467.0
Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem
Typ analizy zabezpieczeń: Oprogramowanie antyszpiegowskie
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Bieżąca wersja aparatu: 
Poprzednia wersja aparatu: 1.1.19200.5
Kod błędu: 0x80090305
Opis błędu: Żądany pakiet zabezpieczeń nie istnieje. 
 
Date: 2022-05-13 13:40:47
Description: 
Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń.
Nowa wersja analizy zabezpieczeń: 
Poprzednia wersja analizy zabezpieczeń: 1.363.1467.0
Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem
Typ analizy zabezpieczeń: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Bieżąca wersja aparatu: 
Poprzednia wersja aparatu: 1.1.19200.5
Kod błędu: 0x80090305
Opis błędu: Żądany pakiet zabezpieczeń nie istnieje. 
 
CodeIntegrity:
===============
Date: 2022-05-22 08:09:24
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Statystyki pamięci =========================== 
 
BIOS: Dell Inc. 1.5.0 06/11/2021
Płyta główna: Dell Inc. 01W6F7
Procesor: Intel® Core™ i5-7200U CPU @ 2.50GHz
Procent pamięci w użyciu: 27%
Całkowita pamięć fizyczna: 16282.52 MB
Dostępna pamięć fizyczna: 11872.08 MB
Całkowita pamięć wirtualna: 18714.52 MB
Dostępna pamięć wirtualna: 14549.45 MB
 
==================== Dyski ================================
 
Drive c: () (Fixed) (Total:222.95 GB) (Free:168.86 GB) NTFS
 
\\?\Volume{cd8bc7eb-d363-47c1-853d-1916856d529d}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{043f18fe-73db-41b5-8af5-571cbb676e6b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Tablica partycji ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== Koniec  Addition.txt =======================
 
 
 

Attached Files


  • 0

Advertisements


#2
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,577 posts

Hi, piotrzyna.

Welcome to GTG Forums. EPFGbk7.gif

I will be assisting you regarding your computer's issues. Here, we will check your computer for malware.

Please, adhere to the guidelines below. As soon as I have your agreement about them, I'll start the cleaning procedure. 


1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Having such programs installed, is the easiest way to get infected. Thus, no need to clean the computer, since, soon or later, it will get infected again. If you have such programs, please uninstall them now, before we start the cleaning procedure.

4. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

5. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

6. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.


  • 1

#3
piotrzyna

piotrzyna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Thank you very much for your express response.
I got to know the procedures. I will adapt. And please give me some more tips.


  • 0

#4
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,577 posts

Great. So we can start. :)

 

Although I could translate your logs, I would appreciate if you do the following for me, so the outcome will be in English: 

 

Right click on FRST64.exe on your Desktop and rename to FRST64English.exe

 

After that, please make a new scan once and attach the two logs for me. 

 

(To attach the files, click on the More Reply Options at the bottom right of the reply area, and then choose Attach File)

  • 0

#5
piotrzyna

piotrzyna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Zrobione. Proszę bardzo.

Attached Files


Edited by piotrzyna, 22 May 2022 - 11:41 AM.

  • 0

#6
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,577 posts

Hi. 
 
It's amazing how many programs (whatever) you downloaded the last month and I'm not surprised about your computer's condition right now. 
 
Please do the following for a start:
 
 
1. FRST fix

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2035300265-1235846444-584982049-1001_Classes\CLSID\{EF706AB3-1E0E-4C5B-A40F-023F0FA36E12}\localserver32 -> C:\Windows\System32\RunDll32.exe "C:\Program Files\Soft Organizer\Notifications.dll",Activate -ToastActivated => No File
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
S3 7ByteIo; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4\SysInfoX64.sys [X]
S3 MpKslb81161c8; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F03CEBF3-DEAC-4129-A5DF-3CFC61D49F10}\MpKslDrv.sys [X]
Task: {BA1E561E-DFE6-4DD6-8077-CEF3FA649003} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\piotr\AppData\Roaming\\sysinfotool\\sitool.exe <==== ATTENTION
C:\Users\piotr\AppData\Roaming\\sysinfotool
2022-05-22 10:05 - 2022-05-22 10:12 - 000000000 ____D C:\Users\piotr\AppData\Local\AnVir
2022-05-22 10:03 - 2022-05-22 10:03 - 004482760 _____ C:\Users\piotr\Downloads\taskfree.exe
2022-05-22 10:03 - 2022-05-22 10:03 - 003029920 _____ C:\Users\piotr\Downloads\SecurityTaskManager_Setup.exe
2022-05-22 10:01 - 2022-05-22 10:02 - 001306376 _____ () C:\Users\piotr\Downloads\anvir-task-manager-6628576401843841-AsystentPobierania_v1.04.97.23.49.3.exe
2022-05-15 20:21 - 2022-05-15 20:21 - 000001063 _____ C:\Users\piotr\Documents\Hot CPU.TXT
2022-05-15 20:21 - 2022-05-15 20:21 - 000001063 _____ C:\Users\piotr\Documents\Analiza  Hot CPU.TXT
2022-05-15 14:18 - 2022-05-15 14:18 - 000000000 ____D C:\ProgramData\eSellerate
2022-05-15 14:16 - 2022-05-15 14:16 - 001752848 _____ C:\Users\piotr\Downloads\Hot_CPU_Tester_Pro_4.41Full.rar
2022-05-15 14:09 - 2022-05-15 14:12 - 000000000 ____D C:\Users\piotr\AppData\Roaming\SysInfoTool
2022-05-15 14:09 - 2022-05-15 14:09 - 000000000 ____D C:\Users\piotr\Desktop\Hot CPU Tester Pro 4.4.1
2022-05-15 14:08 - 2022-05-15 14:08 - 000690751 _____ C:\Users\piotr\Downloads\Hot CPU Tester Pro 4.4.1.zip
2022-05-15 14:03 - 2022-05-15 14:03 - 000000150 _____ C:\Users\piotr\Downloads\Hot CPU Tester Pro_4.4.1_Crack.txt
2022-05-15 14:00 - 2022-05-15 14:00 - 001478440 _____ () C:\Users\piotr\Downloads\hot-cpu-tester-pro-lite-edition-4-4-1-ks_v1.09.174.03.16.exe
2022-05-15 12:38 - 2022-05-15 12:38 - 000000000 _____ C:\HCT8197.tmp
2022-05-15 12:38 - 2022-05-15 12:38 - 000000000 _____ C:\HCT8186.tmp
2022-05-15 12:38 - 2022-05-15 12:38 - 000000000 _____ C:\HCT8118.tmp
2022-05-15 12:38 - 2022-05-15 12:38 - 000000000 _____ C:\HCT8117.tmp
2022-05-15 12:36 - 2022-05-15 12:37 - 001874896 _____ C:\Users\piotr\Downloads\Hot CPU Tester Pro v4.1 Full (1).zip
2022-05-15 12:36 - 2022-05-15 12:36 - 001874896 _____ C:\Users\piotr\Downloads\Hot CPU Tester Pro v4.1 Full.zip
2022-05-14 21:30 - 2022-05-14 21:31 - 001791728 _____ (7Byte Computers ) C:\Users\piotr\Downloads\hotcpu.exe
2022-05-14 20:02 - 2022-05-14 20:04 - 002117608 _____ (CPUID, Inc. ) C:\Users\piotr\Downloads\cpu-z_2.01-en.exe
2022-05-14 09:48 - 2022-05-14 09:49 - 006705440 _____ (EnigmaSoft Limited) C:\Users\piotr\Downloads\SpyHunter-5.10-5-6614-Installer.exe
2022-05-13 23:03 - 2022-05-13 23:04 - 000260928 _____ (AVAST Software) C:\Users\piotr\Downloads\avast_free_antivirus_setup_online.exe
2022-04-28 13:57 - 2022-04-28 14:25 - 000000000 ____D C:\Program Files (x86)\Wise
2022-04-28 13:25 - 2022-04-28 13:26 - 017296688 _____ (WiseCleaner.com ) C:\Users\piotr\Downloads\WiseCare365_6.2.2.608.exe
2022-04-28 13:15 - 2022-04-28 13:15 - 001180736 _____ (AVG Technologies) C:\Users\piotr\Downloads\avg_tuneup_online_setup.exe
2022-04-28 12:29 - 2022-04-28 13:09 - 000000000 ____D C:\ProgramData\Glarysoft
2022-04-28 12:27 - 2022-04-28 13:09 - 000000000 ____D C:\Users\piotr\AppData\Roaming\GlarySoft
2022-04-28 12:27 - 2022-04-28 12:27 - 000000000 ____D C:\Users\piotr\AppData\Roaming\DiskDefrag
2022-04-28 12:23 - 2022-04-28 12:23 - 020590616 _____ (Glarysoft Ltd) C:\Users\piotr\Downloads\gu5setup.exe
2022-04-28 11:39 - 2022-04-28 11:39 - 000000000 ____D C:\Users\piotr\AppData\Local\OO Software
2022-04-27 22:06 - 2022-04-27 22:06 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2022-04-27 21:59 - 2022-04-27 21:59 - 080203776 _____ C:\Windows\system32\config\SOFTWARE.iobit
2022-04-27 21:59 - 2022-04-27 21:59 - 000425984 _____ C:\Windows\system32\config\DEFAULT.iobit
2022-04-27 21:59 - 2022-04-27 21:59 - 000081920 _____ C:\Windows\system32\config\SAM.iobit
2022-04-27 21:59 - 2022-04-27 21:59 - 000028672 _____ C:\Windows\system32\config\SECURITY.iobit
2022-04-27 19:00 - 2022-04-27 19:00 - 000000000 ____D C:\Users\piotr\AppData\LocalLow\iTop Screen Recorder
2022-04-27 18:58 - 2022-04-27 18:59 - 000000000 ____D C:\Users\piotr\AppData\Roaming\iTop Screenshot
2022-04-27 18:50 - 2022-04-27 19:32 - 000000000 ____D C:\ProgramData\{150F4013-6884-4350-8DDC-6BFCB4C5DC15}
2022-04-27 18:48 - 2022-05-14 08:22 - 000000000 ____D C:\ProgramData\iTop
2022-04-27 18:48 - 2022-04-27 19:01 - 000000000 ____D C:\Users\piotr\AppData\Roaming\iTop Screen Recorder
2022-04-27 18:24 - 2022-05-14 08:19 - 000000000 ____D C:\ProgramData\IObit
2022-04-27 18:24 - 2022-05-14 08:16 - 000000000 ____D C:\Program Files (x86)\IObit
2022-04-27 18:24 - 2022-04-27 22:06 - 000000000 ____D C:\Users\piotr\AppData\LocalLow\IObit
2022-04-27 18:23 - 2022-05-14 09:08 - 000000000 ____D C:\Users\piotr\AppData\Roaming\IObit
2022-04-27 16:08 - 2022-04-27 23:42 - 000000000 ___HD C:\Program Files (x86)\Temp
2022-04-27 00:00 - 2022-05-14 14:14 - 000000000 ____D C:\Program Files\dotnet
2022-05-14 09:12 - 2022-05-14 09:13 - 271846632 _____ (Malwarebytes) C:\Users\piotr\Downloads\mb4-setup-consumer-4.5.9.198-1.0.1676-1.0.54594.exe
2022-04-27 19:23 - 2022-04-27 19:30 - 278313192 _____ (Malwarebytes) C:\Users\piotr\Downloads\mb4-setup-consumer-4.5.8.191-1.0.1666-1.0.53967.exe
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

2. Eset Online Scan

 

Download ESET Online Scanner and save it to your desktop.

  • Right-click on esetonlinescanner.exe and select Run as Administrator.
  • When the tool opens, click Computer Scan.
  • Click Yes to allow the tool run.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • After downloading updates, ESET will begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Disable the feature and click on Save and continue.
  • On the next screen, you can leave feedback about the program if you wish. If you left feedback, click Submit and continue. If not, Close the application.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

 

In your next reply please post:

  1. The fixlog.txt
  2. The eset.txt

  • 0

#7
piotrzyna

piotrzyna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

above done

Edited by DR M to remove quotations.

Attached Files


  • 0

#8
piotrzyna

piotrzyna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

 

above done

 

Edited by DR M to remove quotations.

Attached Files

  • Attached File  eset.txt   2.04KB   63 downloads

  • 0

#9
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,577 posts

Hi, piotrzyna.
 
I edited your posts, to remove the quotations. No need to quote my replies into your posts. Just write your answer in the reply area just below the last post. 
 
Moving on.


1. Run AdwCleaner (scan only)

Download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan Now.
    • When the scan has finished, a Scan Results window will open.
    • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Files tab.
    • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
    • A Notepad file will open containing the results of the scan.
    • Please post the contents of the file in your next reply.

 

2. Run Malwarebytes (scan only)

  • Download Malwarebytes and save it to your Desktop.
  • Once downloaded, close all programs and Windows on your computer.
  • Double-click on the icon on your desktop named MBSetup.exe. This will start the installation of MBAM onto your computer.
  • Follow the instructions to install the program.
  • When finished, double click the program's icon created on your Desktop.
  • Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:
    Under the title Scan Options, all the options are checked.
    Under the title Windows Security Center (Premium only) the option is NOT checked.
    Under the title Potentially unwanted items all options are set to Always.
  • Click on the little gear to return to the main menu and select Scan. The program will start scanning your computer. This may take about 10 minutes, but in some cases it may be take longer.
  • When finished, you will see the Threat Scan Summary window open.
  • If threats are not found, click View Report and proceed to the two last steps below.

    If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below.
    • Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
    • Find the report with the most recent date and double click on it.
    • Click on Export and then Copy to Clipboard.
    • Paste its content here, in your next reply.

 

 

In your next reply please post:

  • The AdwCleaner[S0*].txt
  • The Malwarebytes report
     

  • 0

#10
piotrzyna

piotrzyna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
Malwarebytes
www.malwarebytes.com
 
-Szczegóły raportu-
Data skanowania: 23.05.2022
Czas skanowania: 16:22
Plik raportu: b92f6e32-daa3-11ec-9ad6-28f10e44d03c.json
 
-Informacje o oprogramowaniu-
Wersja: 4.5.9.198
Wersja komponentów: 1.0.1676
Aktualna wersja pakietu: 1.0.55298
Licencja: Za darmo
 
-Informacje o systemie-
System operacyjny: Windows 10 (Build 19044.1706)
Procesor: x64
System plików: NTFS
Użytkownik: Dell-Inspiron-5567\piotr
 
-Wyniki skanowania-
Typ skanowania: Pełne skanowanie
Skan zapoczątkowany przez: Ręcznie
Wynik: Ukończono
Obiekty przeskanowane: 262913
Wykryte zagrożenia: 0
Zagrożenia poddane kwarantannie: 0
Czas, który upłynął: 21 min, 49 s
 
-Opcje skanowania-
Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Włączony
Rootkity: Włączony
Heurystyka: Włączony
Potencjalnie niepożądany program (PUP): Wykrywanie
Potencjalnie niepożądana modyfikacja: Wykrywanie
 
-Szczegóły skanowania-
Proces: 0
(Nie wykryto zagrożeń)
 
Moduł: 0
(Nie wykryto zagrożeń)
 
Klucz rejestru: 0
(Nie wykryto zagrożeń)
 
Wartość rejestru: 0
(Nie wykryto zagrożeń)
 
Dane rejestru: 0
(Nie wykryto zagrożeń)
 
Strumień danych: 0
(Nie wykryto zagrożeń)
 
Folder: 0
(Nie wykryto zagrożeń)
 
Plik: 0
(Nie wykryto zagrożeń)
 
Sektor fizyczny: 0
(Nie wykryto zagrożeń)
 
WMI: 0
(Nie wykryto zagrożeń)
 
 
(end)

Attached Files


  • 0

Advertisements


#11
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,577 posts

Let's clean.
 
 1. AdwCleaner (Clean mode)

The findings in Folders and Registry parts of the log, are adware and PUPs which stands for Potentially Unwanted Programs. In the instructions below, I will list them all to be removed.

The section at the bottom under Preinstalled Software is software that was apparently installed when the device was new, which you may or may not use. Personally, I do not keep anything I don't use/need. But it's your computer, so your decision.

To proceed, please do the following:

  • Double click AdwCleaner.exe on your Desktop, to run it as you did before.
  • Click Scan Now.
  • When the scan has finished a Scan Results window will open.
  • Please check all the boxes and then click Quarantine.
  • Click Next.
  • If any pre-installed software was found on your machine, a prompt window will open. Click OK to close it.
  • Check any pre-installed software items you want to remove.
  • Click Quarantine.
  • A prompt to save your work will appear.
  • Click Continue when you're ready to proceed.
  • A prompt to restart your computer will appear.
  • Click Restart Now.
  • Once your computer has restarted:
  • If it doesn't open automatically, please start AdwCleaner.
  • Click the Log Files tab.
  • Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
  • A Notepad file will open containing the results of the removal.
  • Please post the contents of the file in your next reply.

 

2. Fresh FRST logs

  • Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply.

 

In your next reply please post:

  1. The AdwCleaner[C0*].txt
  2. The FRST logs, Addition and FRST
  3. Feedback: How is the computer running now? 

  • 0

#12
piotrzyna

piotrzyna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

There is a noticeable change in the speed of the laptop.
But unfortunately it doesn't work like it used to.
 

It's faster and thank you very much for that.
Because he worked very badly before cleaning.

Unfortunately, I am afraid that the fault may be in the equipment.

I am also asking you for the final assessment and comments on cleaning my laptop.

Can you direct me to the person who will analyze the components of my laptop?

 

 

Thank much for your professional and quick help.

 

 

Attached Files


  • 0

#13
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,577 posts

I am also asking you for the final assessment and comments on cleaning my laptop.

 
We still have a couple of things to do. 

 

But unfortunately it doesn't work like it used to.

 
Please explain and give more info about what exactly doesn't work as it should.

 

Can you direct me to the person who will analyze the components of my laptop?

 
What does this mean? Now we are in the Malware Removal Forum and we are in the process of cleaning your machine at a first step, and doing some maintenance at a second step. 
 

As for the condition before cleaning, as I said above, it doesn't surprise me. You have downloaded so many useless things, potentially unwanted programs, adware... In your effort to uninstalled them so many remnants were left behind. You had also at least one cracked program...
 

Another question before we continue: Do you have Skillbrains software installed? It's not shown in the Installed programs list, but there are signs of it elsewhere. 


  • 0

#14
piotrzyna

piotrzyna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

I'm sorry but I had to misunderstand that this is the end of the job.

My English is poor, I use translate google.

 

 

We still do what is necessary to do what you suggest.

Skillbrains - LightShot software installed. It was installed for the screenshot but I uninstalled it.

 

And what doesn't work:

  • The built-in speakers do not work from the start of cleaning and there is no sound. And when you plug in headphones, there is a sound.
  • The touchpad is not working properly, the left and right buttons are not working, the rest are normal.
  • Keyboard not all buttons work, min. 7, 8, 9, 0 and F4-F12 and PrtScr
  • After switching them on, the programs run for a long time, they react slowly to anything.
  • Launching Youtube - videos are loading slowly, stuttering, you can hear crackling in the headphones.
  • In chrome, by running a pair of cards, it takes a long time to load, the wheel spins and spins.
  • In general, I have to wait a long time for the reaction of anything.

Even so, following your directions, the laptop runs much faster.

 

If I can ask, what programs did i have cracked?

 

 

 


Edited by piotrzyna, 23 May 2022 - 10:36 PM.

  • 0

#15
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,577 posts

Hi, piotr.
 

I'm sorry but I had to misunderstand that this is the end of the job.
 
My English is poor, I use translate google.

 
No problem at all. I'm also not a native English speaker. 
 
 

If I can ask, what programs did i have cracked?

 
This is from your logs:
 
C:\Users\piotr\Downloads\Hot CPU Tester Pro_4.4.1_Crack.txt
 
 
Moving on:

 

1. FRST fix

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
Task: {8D2022ED-5019-4A7E-8C09-E309520CA93F} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {E7F3A2B5-2DC0-45B6-88B2-1EE3814BB96E} - System32\Tasks\update-S-1-5-21-2035300265-1235846444-584982049-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2035300265-1235846444-584982049-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
RestoreQuarantine: C:\FRST\Quarantine\C:\Users\piotr\AppData\Roaming\Waves Audio
C:\Program Files (x86)\Skillbrains
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

2. Check TLS settings

  • Press Windows + R keys and type in inetcpl.cpl into the Run dialog window, then hit Enter.
  • In the Internet Properties window, click on the Advanced tab.
  • From here, check  Use TLS 1.0, Use TLS 1.1 and Use TLS 1.2
  • Then, click Apply and OK.
  • Reboot

 

3. Check disk

  • Click on the Start button and in the search box, type Command Prompt.
  • When you see Command Prompt on the list, right-click on it and select Run as administrator.
  • Enter the command below and press on Enter and wait for it to finish (~15 minutes).
       chkdsk C: /r
    
  • You will receive a message that the operation cannot be performed while the system is in use and ask if you want to check when you restart your computer. Choose Yes, and then restart the computer, allowing disk check to run at startup.
  • The process will take some time, depending on the disk condition.
  • Download ListChkdskResult by SleepyDude and save it on your Desktop.
  • Double click on the created icon.
  • A notepad file will open. Copy its content and paste it in your next reply.

 

In your next reply please post:

  1. The fixlog.txt
  2. How the step 2 went
  3. The report from step 3

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP