Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 12-05-2023 01 Uruchomiony przez GrabeK (administrator) DESKTOP-9S8VKIE (Gigabyte Technology Co., Ltd. H81M-S1) (15-05-2023 17:23:25) Uruchomiony z C:\Users\kubag\Downloads\Programs\FRST64.exe Załadowane profile: GrabeK Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.2965 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (C:\Program Files (x86)\Internet Download Manager\IDMan.exe ->) (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8> (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <23> (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (svchost.exe ->) (Tonec Inc. -> Tonec Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Internet Download Manager\IDMan.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Ograniczenia <==== UWAGA HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-21-3407708593-1678639240-1211477281-1001\...\Run: [MicrosoftEdgeAutoLaunch_3B6828042CA0B18AA8723F85613D125E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152256 2023-05-11] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3407708593-1678639240-1211477281-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-3407708593-1678639240-1211477281-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5483832 2023-05-14] (Tonec Inc. -> Tonec Inc.) [Brak podpisu cyfrowego] HKU\S-1-5-21-3407708593-1678639240-1211477281-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-28] (Valve Corp. -> Valve Corporation) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {00CCE3CD-7668-4087-8A47-65D44A79B463} - System32\Tasks\CCleanerSkipUAC - kubag => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {193206ED-D769-4337-9CE3-E25D3D081B91} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "dcc2306e-ccb9-433f-9cba-fab716ded2c6" --version "6.11.10455" --silent Task: {1B72B8BA-EB18-4C81-83DC-DFED20D77C31} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {2932E038-98A0-4785-9CFC-B8DDA2FC7B15} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-04-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {5FEACA68-B607-4B57-9AC1-A0C3E862341E} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-04-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {72DD4FC4-32F0-48A4-91DC-E3DF2B08E8F6} - System32\Tasks\CCleanerSkipUAC - GrabeK => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {DCD6A5E4-C721-47F9-B92E-ADED0CEB48D7} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-04-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {DD2E520B-8B4B-48C7-A198-F4DC06D78351} - System32\Tasks\Window Update => C:\Users\kubag\AppData\Local\Updates\Run.vbs [1015 2022-05-09] () [Brak podpisu cyfrowego] <==== UWAGA Task: {EF4020FD-E3FF-46E3-818C-69B89B85EF11} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-04-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3f15403e-df9a-48d2-8b9e-815cb3bf9ea8}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Profile 1 Edge Profile: C:\Users\kubag\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-05-14] Edge Profile: C:\Users\kubag\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-05-15] Edge StartupUrls: Profile 1 -> "hxxp://www.google.com/" Edge Extension: (Adblock Plus - darmowy adblocker) - C:\Users\kubag\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-05-13] Edge Extension: (Edge relevant text changes) - C:\Users\kubag\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-14] Edge Extension: (IDM Integration Module) - C:\Users\kubag\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2023-05-14] Edge HKU\S-1-5-21-3407708593-1678639240-1211477281-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2020-12-25] FireFox: ======== FF HKU\S-1-5-21-3407708593-1678639240-1211477281-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\kubag\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\kubag\AppData\Roaming\IDM\idmmzcc5 [2023-05-14] [Przestarzałe] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-3407708593-1678639240-1211477281-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Przestarzałe] Chrome: ======= CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-12-25] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-12-25] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9084512 2023-05-14] (Malwarebytes Inc. -> Malwarebytes) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) U4 MsSecFlt; Brak ImagePath U4 Sense; Brak ImagePath U4 SgrmAgent; Brak ImagePath U4 SgrmBroker; Brak ImagePath U4 WdBoot; Brak ImagePath U4 WdFilter; Brak ImagePath U4 WdNisDrv; Brak ImagePath U4 WdNisSvc; Brak ImagePath U4 WinDefend; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-05-15 17:20 - 2023-05-15 17:23 - 000000000 ____D C:\FRST 2023-05-14 21:08 - 2023-05-14 21:14 - 000000000 ____D C:\Users\kubag\AppData\Local\CrashDumps 2023-05-14 21:05 - 2023-05-14 21:05 - 000798854 _____ C:\Users\kubag\Downloads\OTL.Txt 2023-05-14 20:24 - 2023-05-14 20:24 - 000000000 ____D C:\Users\kubag\Desktop\287700 2023-05-14 20:22 - 2023-05-14 20:22 - 000001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2023-05-14 20:22 - 2023-05-14 20:22 - 000001090 _____ C:\Users\Public\Desktop\paint.net.lnk 2023-05-14 20:21 - 2023-05-14 20:22 - 000000000 ____D C:\Users\kubag\AppData\Local\paint.net 2023-05-14 20:21 - 2023-05-14 20:21 - 000000000 ____D C:\Program Files\paint.net 2023-05-14 20:20 - 2023-05-14 20:20 - 000798854 _____ C:\Users\kubag\Desktop\OTL.Txt 2023-05-14 20:19 - 2023-05-14 20:19 - 000000000 ____D C:\Users\kubag\AppData\Local\ElevatedDiagnostics 2023-05-14 20:18 - 2023-05-14 20:18 - 000000000 ____D C:\Users\kubag\Desktop\skan 2023-05-14 20:10 - 2023-05-14 20:10 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-05-14 20:10 - 2023-05-14 20:10 - 000000000 ____D C:\Users\kubag\AppData\Local\mbam 2023-05-14 20:09 - 2023-05-14 20:09 - 000000000 ____D C:\ProgramData\Malwarebytes 2023-05-14 20:09 - 2023-05-14 20:09 - 000000000 ____D C:\Program Files\Malwarebytes 2023-05-14 19:59 - 2023-05-14 19:59 - 000000438 _____ C:\ProgramData\ntuser.pol 2023-05-14 19:51 - 2023-05-15 01:01 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2023-05-14 19:51 - 2023-05-14 19:51 - 000001159 _____ C:\Users\kubag\Desktop\MSI Afterburner.lnk 2023-05-14 19:51 - 2023-05-14 19:51 - 000000000 ____D C:\Users\kubag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2023-05-14 19:50 - 2023-05-14 19:50 - 000001739 _____ C:\Users\kubag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TimerResolution.lnk 2023-05-14 14:44 - 2023-05-14 14:44 - 000000000 ___HD C:\$WinREAgent 2023-05-14 14:37 - 2023-05-14 14:37 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer 2023-05-14 14:37 - 2023-05-14 14:37 - 000000000 ____D C:\Program Files\Reference Assemblies 2023-05-14 14:37 - 2023-05-14 14:37 - 000000000 ____D C:\Program Files\MSBuild 2023-05-14 14:37 - 2023-05-14 14:37 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2023-05-14 14:37 - 2023-05-14 14:37 - 000000000 ____D C:\Program Files (x86)\MSBuild 2023-05-14 02:24 - 2023-05-14 02:24 - 000000000 ____D C:\Users\kubag\AppData\Local\Steam 2023-05-14 02:24 - 2023-05-14 02:24 - 000000000 ____D C:\Users\kubag\AppData\Local\CEF 2023-05-14 02:22 - 2023-05-15 17:19 - 000000000 ____D C:\Program Files (x86)\Steam 2023-05-14 02:22 - 2023-05-14 02:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2023-05-14 02:20 - 2023-05-14 02:20 - 000000000 ____D C:\Users\kubag\Documents\CPY_SAVES 2023-05-14 02:11 - 2023-05-14 02:12 - 000000000 ____D C:\Windows\SysWOW64\directx 2023-05-14 01:15 - 2023-05-15 17:20 - 000000000 ____D C:\Users\kubag\AppData\Local\Updates 2023-05-14 01:15 - 2023-05-14 01:15 - 000014544 _____ (OpenLibSys.org) C:\Windows\system32\WinRing0x64.sys 2023-05-14 01:15 - 2023-05-14 01:15 - 000003252 _____ C:\Windows\system32\Tasks\Window Update 2023-05-14 01:15 - 2023-05-14 01:15 - 000000000 ____D C:\Program Files (x86)\OceanofGames.ccom 2023-05-14 00:43 - 2023-05-14 20:23 - 000000000 ____D C:\Users\kubag\AppData\Roaming\DMCache 2023-05-14 00:43 - 2023-05-14 20:20 - 000000000 ____D C:\Users\kubag\Downloads\Compressed 2023-05-14 00:43 - 2023-05-14 20:09 - 000000000 ____D C:\Users\kubag\AppData\Roaming\IDM 2023-05-14 00:43 - 2023-05-14 00:43 - 010351359 _____ C:\Users\kubag\Downloads\Internet Download Manager 6.38.16.rar 2023-05-14 00:43 - 2023-05-14 00:43 - 000000000 ____D C:\Users\kubag\Downloads\Video 2023-05-14 00:43 - 2023-05-14 00:43 - 000000000 ____D C:\Users\kubag\Downloads\Internet Download Manager 6.38.16 2023-05-14 00:43 - 2023-05-14 00:43 - 000000000 ____D C:\Users\kubag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2023-05-14 00:43 - 2023-05-14 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2023-05-14 00:43 - 2023-05-14 00:43 - 000000000 ____D C:\ProgramData\IDM 2023-05-14 00:43 - 2023-05-14 00:43 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager 2023-05-14 00:34 - 2023-05-14 00:34 - 000000000 ____D C:\Users\kubag\AppData\Local\PeerDistRepub 2023-05-14 00:30 - 2023-05-14 20:01 - 000000000 ____D C:\Users\kubag\AppData\Local\AMD_Common 2023-05-14 00:29 - 2023-05-14 00:29 - 000000000 ____D C:\Users\kubag\AppData\Local\cache 2023-05-14 00:28 - 2023-05-14 00:28 - 000001254 _____ C:\Users\kubag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner.lnk 2023-05-14 00:26 - 2023-05-14 19:52 - 000000000 ____D C:\Windows\Panther 2023-05-14 00:24 - 2023-05-14 00:24 - 000002908 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - GrabeK 2023-05-14 00:20 - 2023-05-14 00:20 - 000000000 ____D C:\Windows\pss 2023-05-14 00:19 - 2023-05-14 00:20 - 000000000 ____D C:\Users\kubag\AppData\Roaming\Microsoft\MMC 2023-05-14 00:12 - 2023-05-15 17:20 - 000000000 ____D C:\Program Files\CCleaner 2023-05-14 00:12 - 2023-05-14 00:22 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job 2023-05-14 00:12 - 2023-05-14 00:12 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update 2023-05-14 00:12 - 2023-05-14 00:12 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting 2023-05-14 00:12 - 2023-05-14 00:12 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - kubag 2023-05-14 00:11 - 2023-05-14 00:11 - 056166984 _____ (Piriform Software Ltd) C:\Users\kubag\Downloads\ccsetup611.exe 2023-05-14 00:10 - 2023-05-14 00:10 - 002387968 _____ C:\Windows\system32\smartscreen.exe 2023-05-14 00:08 - 2023-05-14 00:08 - 000003126 _____ C:\Windows\system32\Tasks\AMDInstallLauncher 2023-05-14 00:07 - 2023-05-14 00:07 - 000003106 _____ C:\Windows\system32\Tasks\AMDLinkUpdate 2023-05-14 00:07 - 2023-05-14 00:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Link For Windows 2023-05-14 00:07 - 2023-05-14 00:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool 2023-05-14 00:05 - 2023-05-14 02:13 - 000000000 ____D C:\ProgramData\Package Cache 2023-05-14 00:05 - 2023-05-14 00:05 - 000003160 _____ C:\Windows\system32\Tasks\StartCN 2023-05-14 00:05 - 2023-05-14 00:05 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR 2023-05-14 00:05 - 2023-05-14 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software 2023-05-14 00:05 - 2021-04-30 16:54 - 002261904 _____ (AMD Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe 2023-05-14 00:04 - 2023-05-14 00:23 - 000000000 ____D C:\ProgramData\AMD 2023-05-14 00:04 - 2023-05-14 00:04 - 000000000 ____D C:\Users\kubag\AppData\Local\RadeonInstaller 2023-05-14 00:02 - 2023-05-14 00:02 - 000000000 ____D C:\AMD 2023-05-14 00:00 - 2023-05-14 00:01 - 483807776 _____ (AMD Inc.) C:\Users\kubag\Downloads\non-whql-radeon-software-adrenalin-2020-21.5.1-win10-64bit-may6.exe 2023-05-14 00:00 - 2023-05-14 00:01 - 000000000 ____D C:\Windows\system32\MRT 2023-05-14 00:00 - 2023-05-14 00:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-05-13 23:58 - 2023-05-13 23:58 - 000000000 ____D C:\Users\kubag\AppData\Roaming\Microsoft\IME 2023-05-13 23:49 - 2023-05-13 23:49 - 000004608 _____ C:\Windows\SECOH-QAD.exe 2023-05-13 23:49 - 2023-05-13 23:49 - 000003584 _____ C:\Windows\SECOH-QAD.dll 2023-05-13 23:49 - 2023-05-13 23:49 - 000000000 ____D C:\Users\kubag\Downloads\KMSpico_10.2.0+Portable 2023-05-13 23:47 - 2023-05-13 23:47 - 007255838 _____ C:\Users\kubag\Downloads\KMSpico_10.2.0+Portable.rar 2023-05-13 23:47 - 2023-05-13 23:47 - 001575742 _____ (Igor Pavlov) C:\Users\kubag\Downloads\7z2201-x64.exe 2023-05-13 23:47 - 2023-05-13 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2023-05-13 23:47 - 2023-05-13 23:47 - 000000000 ____D C:\Program Files\7-Zip 2023-05-13 23:39 - 2023-05-13 23:39 - 000000000 ____D C:\Users\kubag\AppData\Local\Comms 2023-05-13 23:38 - 2023-05-13 23:38 - 000000000 ____D C:\Users\kubag\AppData\Roaming\Microsoft\Spelling 2023-05-13 23:37 - 2023-05-14 14:34 - 000000000 ____D C:\Users\kubag\AppData\Local\PlaceholderTileLogoFolder 2023-05-13 23:36 - 2023-05-13 23:36 - 000000000 ___RD C:\Users\kubag\OneDrive 2023-05-13 23:36 - 2023-05-13 23:36 - 000000000 ____D C:\Users\kubag\AppData\LocalLow\AMD 2023-05-13 23:36 - 2023-05-13 23:36 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2023-05-13 23:35 - 2023-05-15 17:19 - 000000000 ____D C:\ProgramData\Packages 2023-05-13 23:35 - 2023-05-14 19:48 - 000000000 ____D C:\Users\kubag\AppData\Local\D3DSCache 2023-05-13 23:35 - 2023-05-14 02:24 - 000000000 ____D C:\Users\kubag\AppData\Local\Packages 2023-05-13 23:35 - 2023-05-14 00:29 - 000000000 ____D C:\Users\kubag\AppData\Local\AMD 2023-05-13 23:35 - 2023-05-14 00:24 - 000000000 ____D C:\Users\kubag\AppData\Local\ConnectedDevicesPlatform 2023-05-13 23:35 - 2023-05-13 23:39 - 000000000 __RHD C:\Users\Public\AccountPictures 2023-05-13 23:35 - 2023-05-13 23:35 - 000000000 __SHD C:\Users\kubag\IntelGraphicsProfiles 2023-05-13 23:35 - 2023-05-13 23:35 - 000000000 ___SD C:\Users\kubag\AppData\Roaming\Microsoft\Crypto 2023-05-13 23:35 - 2023-05-13 23:35 - 000000000 ___RD C:\Users\kubag\3D Objects 2023-05-13 23:35 - 2023-05-13 23:35 - 000000000 ____D C:\Users\kubag\AppData\Roaming\Microsoft\Vault 2023-05-13 23:35 - 2023-05-13 23:35 - 000000000 ____D C:\Users\kubag\AppData\Roaming\Microsoft\Network 2023-05-13 23:35 - 2023-05-13 23:35 - 000000000 ____D C:\Users\kubag\AppData\Roaming\Adobe 2023-05-13 23:35 - 2023-05-13 23:35 - 000000000 ____D C:\Users\kubag\AppData\Local\VirtualStore 2023-05-13 23:35 - 2023-05-13 23:35 - 000000000 ____D C:\Users\kubag\AppData\Local\Publishers 2023-05-13 23:34 - 2023-05-14 00:27 - 001678234 _____ C:\Windows\system32\PerfStringBackup.INI 2023-05-13 23:34 - 2023-05-13 23:35 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2023-05-13 23:34 - 2023-05-13 23:34 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2023-05-13 23:34 - 2023-05-13 23:34 - 000000000 ____D C:\Intel 2023-05-13 23:34 - 2023-05-13 23:34 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin 2023-05-13 23:33 - 2023-05-15 01:01 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2023-05-13 23:33 - 2023-05-14 00:54 - 000000000 ____D C:\Users\kubag\AppData\Roaming\Microsoft\Windows 2023-05-13 23:33 - 2023-05-14 00:24 - 000000000 ___SD C:\Users\kubag\AppData\Roaming\Microsoft\Protect 2023-05-13 23:33 - 2023-05-14 00:07 - 000000000 ____D C:\Windows\system32\AMD 2023-05-13 23:33 - 2023-05-14 00:05 - 000000000 ____D C:\Program Files\AMD 2023-05-13 23:33 - 2023-05-13 23:36 - 000000000 ____D C:\Users\kubag 2023-05-13 23:33 - 2023-05-13 23:33 - 000000020 ___SH C:\Users\kubag\ntuser.ini 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\Ustawienia lokalne 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\Szablony 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\Moje dokumenty 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\Menu Start 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\Documents\Moje wideo 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\Documents\Moje obrazy 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\Documents\Moja muzyka 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\Dane aplikacji 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\AppData\Local\Tymczasowe pliki internetowe 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\AppData\Local\Historia 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 _SHDL C:\Users\kubag\AppData\Local\Dane aplikacji 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 ___SD C:\Users\kubag\AppData\Roaming\Microsoft\SystemCertificates 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 ___SD C:\Users\kubag\AppData\Roaming\Microsoft\Credentials 2023-05-13 23:33 - 2023-05-13 23:33 - 000000000 ____D C:\Program Files\Intel 2023-05-13 23:32 - 2021-05-05 15:14 - 001748800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2023-05-13 23:32 - 2021-05-05 15:14 - 000202136 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll 2023-05-13 23:32 - 2020-10-29 13:31 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll 2023-05-13 23:32 - 2020-10-29 13:31 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll 2023-05-13 23:32 - 2020-10-29 12:29 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin 2023-05-13 23:32 - 2020-10-29 12:29 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin 2023-05-13 23:32 - 2020-10-29 12:29 - 000121168 _____ C:\Windows\system32\kapp_si.sbin 2023-05-13 23:29 - 2023-05-13 23:29 - 000000000 ____D C:\Windows\CSC 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Public\Documents\Moje wideo 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Public\Documents\Moje obrazy 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Public\Documents\Moja muzyka 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\Ustawienia lokalne 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\Szablony 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\Moje dokumenty 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\Menu Start 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\Documents\Moje wideo 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\Documents\Moje obrazy 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\Documents\Moja muzyka 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\Dane aplikacji 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\AppData\Local\Tymczasowe pliki internetowe 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historia 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\ProgramData\Szablony 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\ProgramData\Pulpit 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\ProgramData\Menu Start 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\ProgramData\Dokumenty 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\ProgramData\Dane aplikacji 2023-05-13 23:28 - 2023-05-13 23:28 - 000000000 _SHDL C:\Documents and Settings 2023-05-13 23:27 - 2023-05-15 17:18 - 000008192 ___SH C:\DumpStack.log.tmp 2023-05-13 23:27 - 2023-05-15 17:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-05-13 23:27 - 2023-05-14 19:30 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-05-13 23:27 - 2023-05-14 00:22 - 000258584 _____ C:\Windows\system32\FNTCACHE.DAT 2023-05-13 23:27 - 2023-05-13 23:29 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-05-13 23:27 - 2023-05-13 23:28 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-05-13 23:27 - 2023-05-13 23:28 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-05-13 23:27 - 2023-05-13 23:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2023-05-13 23:27 - 2023-05-13 23:27 - 000000000 ____D C:\Windows\ServiceProfiles ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-05-15 17:19 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-05-15 17:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2023-05-15 17:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-05-15 01:01 - 2019-12-07 11:03 - 000262144 _____ C:\Windows\system32\config\BBI 2023-05-14 20:14 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2023-05-14 19:51 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-05-14 19:50 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-05-14 14:47 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2023-05-14 14:42 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2023-05-14 14:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-05-14 14:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat 2023-05-14 14:38 - 2019-12-07 17:09 - 000784296 _____ C:\Windows\system32\perfh015.dat 2023-05-14 14:38 - 2019-12-07 17:09 - 000152192 _____ C:\Windows\system32\perfc015.dat 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\MUI 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\MUI 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE 2023-05-14 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX 2023-05-14 14:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2023-05-14 00:26 - 2019-12-07 11:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template 2023-05-14 00:21 - 2019-12-07 17:09 - 000000000 ____D C:\Windows\SysWOW64\pl 2023-05-14 00:21 - 2019-12-07 17:08 - 000000000 ____D C:\Windows\system32\pl 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemApps 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2023-05-14 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-05-14 00:14 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll 2023-05-14 00:14 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll 2023-05-14 00:14 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2023-05-13 23:51 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog 2023-05-13 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState 2023-05-13 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase 2023-05-13 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\spool 2023-05-13 23:28 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT 2023-05-13 23:27 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate 2023-05-13 23:27 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM ==================== FLock ============================== 2023-05-14 00:10 C:\Windows\system32\smartscreen.exe ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================