Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 02-11-2017
Uruchomiony przez Picek (administrator)  PICEK-KOMPUTER (07-11-2017 19:51:41)
Uruchomiony z C:\Users\Picek\Desktop
Załadowane profile: Picek (Dostępne profile: Picek)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) E:\Steam\Steam.exe
() C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Disc Soft Ltd) E:\DAEMON Tools Lite\DiscSoftBusService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Users\Picek\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659736 2014-11-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-11-10] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-2359066601-1373365521-515010662-1000\...\Run: [Steam] => E:\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-2359066601-1373365521-515010662-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()
HKU\S-1-5-21-2359066601-1373365521-515010662-1000\...\Run: [DAEMON Tools Lite Automount] => E:\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-2359066601-1373365521-515010662-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 31.11.202.254 37.8.214.2
Tcpip\..\Interfaces\{17AE47C5-AF28-4937-988A-A0976B4C6ADE}: [DhcpNameServer] 31.11.202.254 37.8.214.2
Tcpip\..\Interfaces\{564CD366-2AAE-4FDF-A8C7-2C5CEAA525D9}: [DhcpNameServer] 7.254.254.254

Internet Explorer:
==================
HKU\S-1-5-21-2359066601-1373365521-515010662-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-05] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-05] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-24] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=pl-pl
CHR Session Restore: Default -> [funkcja włączona]
CHR Profile: C:\Users\Picek\AppData\Local\Google\Chrome\User Data\Default [2017-11-07]
CHR Extension: (Adblock Plus) - C:\Users\Picek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]
CHR Extension: (Steam Inventory Helper) - C:\Users\Picek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-10-19]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Picek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-10-30]
CHR Extension: (LINE) - C:\Users\Picek\AppData\Local\Google\Chrome\User Data\Default\Extensions\menkifleemblimdogmoihpfopnplikde [2017-10-23]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Picek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\Picek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-01]
CHR HKU\S-1-5-21-2359066601-1373365521-515010662-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-10-07] ()
R3 Disc Soft Lite Bus Service; E:\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-06-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5691912 2016-05-18] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-08] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2120032 2017-10-10] (Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3000168 2017-10-10] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [838128 2016-12-15] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-06-12] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-05-01] (REALiX(tm))
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [57648 2015-05-20] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [73464 2015-08-31] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
S3 pspdisp; C:\Windows\System32\DRIVERS\pspdisp_x64.sys [4608 2011-01-18] (JJS) [Brak podpisu cyfrowego]
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation )
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [47736 2015-12-21] (Tunngle.net)
R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-11-07 19:51 - 2017-11-07 19:52 - 000017807 _____ C:\Users\Picek\Desktop\FRST.txt
2017-11-07 19:49 - 2017-11-07 19:49 - 000000000 _____ C:\Windows\system32\sfc.txt
2017-11-07 19:26 - 2017-11-07 19:26 - 000008178 _____ C:\Users\Picek\Desktop\Crystaldiskinfo.txt
2017-11-07 19:25 - 2017-11-07 19:27 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-11-07 19:24 - 2017-11-07 19:24 - 002760032 _____ (Crystal Dew World ) C:\Users\Picek\Downloads\CrystalDiskInfo6_0_0-en.exe
2017-11-07 19:23 - 2017-11-07 19:23 - 000000000 ____D C:\Users\Picek\AppData\Local\CrystalDiskMark
2017-11-07 19:20 - 2017-11-07 19:20 - 002902288 _____ (Crystal Dew World ) C:\Users\Picek\Downloads\CrystalDiskMark6_0_0 (1).exe
2017-11-07 19:07 - 2015-05-22 09:45 - 000061712 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2017-11-07 19:01 - 2017-11-07 19:03 - 000010581 _____ C:\Users\Picek\Desktop\Fixlog.txt
2017-11-05 12:26 - 2017-11-05 12:26 - 001898633 _____ C:\Users\Picek\Downloads\OptiFine_1.8.0_HD_U_I3.jar
2017-11-05 12:11 - 2017-11-05 12:11 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-11-05 12:11 - 2017-11-05 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-11-05 12:10 - 2017-11-05 12:10 - 001852992 _____ (Oracle Corporation) C:\Users\Picek\Downloads\jre-8u151-windows-i586-iftw.exe
2017-11-05 12:04 - 2017-11-05 12:04 - 000000000 ____D C:\Users\Picek\Desktop\Minecraft
2017-11-04 00:47 - 2017-11-04 00:47 - 000000000 ____D C:\Program Files\DIFX
2017-11-04 00:47 - 2017-11-04 00:47 - 000000000 ____D C:\adb
2017-11-03 21:18 - 2017-11-03 21:18 - 000002399 _____ C:\Users\Picek\AppData\Local\recently-used.xbel
2017-11-02 10:52 - 2017-11-02 10:52 - 000000000 ____D C:\ProgramData\MB2Migration
2017-11-02 10:36 - 2017-11-07 19:51 - 000000000 ____D C:\FRST
2017-11-02 10:35 - 2017-11-07 19:01 - 002403328 _____ (Farbar) C:\Users\Picek\Desktop\FRST64.exe
2017-10-29 14:33 - 2017-10-31 20:21 - 000000000 ____D C:\Users\Picek\Desktop\rzeczy z telefonu
2017-10-29 12:18 - 2017-10-29 12:18 - 000000616 _____ C:\Users\Picek\Desktop\4K Video Downloader.lnk
2017-10-28 20:52 - 2017-10-28 20:52 - 000000000 ____D C:\Users\Picek\AppData\Local\4kdownload.com
2017-10-28 20:52 - 2017-10-28 20:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2017-10-28 20:51 - 2017-10-28 20:51 - 036022613 _____ C:\Users\Picek\Desktop\4k Video Downloader V 4.2.rar
2017-10-27 22:10 - 2017-10-27 22:11 - 026242477 _____ C:\Users\Picek\Desktop\Spolszczenie_GTAIV_1.0.8.0.rar
2017-10-27 14:33 - 2017-10-27 14:33 - 010720283 _____ C:\Users\Picek\Desktop\20304-mercedes-benz-w221-s500-2006.zip
2017-10-27 13:55 - 2017-10-11 02:05 - 000050624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-10-27 13:41 - 2017-10-27 13:41 - 000020140 _____ C:\Users\Picek\Desktop\1506696209_TBoGT Graphics for IV.rar
2017-10-27 13:28 - 2009-01-27 03:26 - 001411584 _____ C:\Users\Picek\Desktop\GTA IV HANDLING EDITOR V1.0.exe
2017-10-27 11:57 - 2017-10-27 11:57 - 000000000 ____D C:\Users\Picek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModManager
2017-10-26 19:08 - 2017-10-27 09:12 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2017-10-22 11:54 - 2017-10-22 11:54 - 000000000 __SHD C:\ProgramData\SecuROM
2017-10-22 10:42 - 2017-10-22 10:42 - 000214456 _____ C:\Users\Picek\Desktop\Ustawy_konwencje_w_dzialalnosci_transportowej_spedycyjnej.pdf
2017-10-21 21:52 - 2017-10-21 21:52 - 000000000 ____D C:\Users\Picek\AppData\Roaming\THQ
2017-10-18 15:16 - 2017-10-18 15:16 - 000000000 ____D C:\$WINDOWS.~BT
2017-10-18 15:15 - 2017-10-18 15:15 - 000000000 ___HD C:\$Windows.~WS
2017-10-11 12:55 - 2017-10-11 12:55 - 000000000 ____D C:\ProgramData\PopCap Games
2017-10-10 16:57 - 2017-10-10 16:57 - 000000862 _____ C:\Users\Public\Desktop\Peggle.lnk
2017-10-10 16:57 - 2017-10-10 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2017-10-10 16:56 - 2017-10-10 16:56 - 000000862 _____ C:\Users\Public\Desktop\Need for Speed™.lnk
2017-10-10 16:56 - 2017-10-10 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™
2017-10-10 15:38 - 2017-10-10 15:38 - 000000538 _____ C:\Users\Public\Desktop\Origin.lnk
2017-10-10 15:38 - 2017-10-10 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-10-10 15:31 - 2017-10-10 15:42 - 000000000 ____D C:\Users\Picek\AppData\Local\Origin
2017-10-08 15:56 - 2017-10-08 15:56 - 000018850 _____ C:\Users\Picek\Downloads\[torrenty.to] Juiced 2- Hot Import Nights -2007- [1920x1080] [Dubbing + Napisy PL] [ISO] [SYMETRYCZNY].torrent
2017-10-08 15:53 - 2017-10-08 15:53 - 000308973 _____ C:\Users\Picek\Downloads\[torrenty.to] Juiced 2- Hot Import Nights [PC] [PL] [Multi-9].torrent

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-11-07 19:24 - 2015-06-15 19:39 - 000000000 ____D C:\Users\Picek\AppData\Roaming\TS3Client
2017-11-07 19:22 - 2016-03-20 13:56 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-07 19:21 - 2016-03-20 13:56 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-07 19:19 - 2015-06-26 16:08 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-07 19:10 - 2017-07-01 19:43 - 000000000 ____D C:\Users\Picek\AppData\Local\LogMeIn Hamachi
2017-11-07 19:09 - 2016-11-01 09:28 - 000000200 _____ C:\Windows\Tasks\AutoKMS.job
2017-11-07 19:07 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-07 19:01 - 2016-02-13 17:42 - 000000000 ____D C:\Users\Picek\AppData\Roaming\Mozilla
2017-11-07 19:01 - 2016-02-13 17:42 - 000000000 ____D C:\Users\Picek\AppData\Local\Mozilla
2017-11-07 19:01 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-11-06 11:30 - 2009-07-14 18:55 - 002272898 _____ C:\Windows\system32\perfh015.dat
2017-11-06 11:30 - 2009-07-14 18:55 - 000673282 _____ C:\Windows\system32\perfc015.dat
2017-11-06 11:30 - 2009-07-14 06:13 - 000006208 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-05 19:18 - 2015-08-09 13:32 - 000000000 ____D C:\Users\Picek\AppData\Roaming\.minecraft
2017-11-05 13:22 - 2016-01-20 21:08 - 000000000 ____D C:\Users\Picek\AppData\Local\CrashDumps
2017-11-05 12:12 - 2015-06-24 17:36 - 000000000 ____D C:\ProgramData\Oracle
2017-11-05 12:11 - 2015-06-24 17:36 - 000000000 ____D C:\Program Files (x86)\Java
2017-11-05 12:09 - 2017-05-11 18:21 - 000000000 ____D C:\Users\Picek\AppData\Roaming\uTorrent
2017-11-04 01:15 - 2015-06-04 19:57 - 000000000 ____D C:\Users\Picek
2017-11-04 01:14 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2017-11-04 01:14 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-03 21:25 - 2015-06-07 20:56 - 000000000 ____D C:\Users\Picek\.gimp-2.8
2017-11-03 21:18 - 2015-06-07 21:06 - 000000000 ____D C:\Users\Picek\AppData\Local\gtk-2.0
2017-11-02 23:26 - 2009-07-14 05:45 - 000014096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-02 23:26 - 2009-07-14 05:45 - 000014096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-02 11:02 - 2015-10-22 11:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-02 10:58 - 2017-07-28 14:17 - 000000000 ____D C:\Users\Picek\AppData\Roaming\The.Elder.Scrolls.V.Skyrim.Legendary.Edition.With.update1.9+ALLDLCs
2017-11-02 10:27 - 2015-06-18 16:47 - 000000000 ____D C:\Users\Picek\AppData\Roaming\vlc
2017-10-29 14:42 - 2017-03-19 10:55 - 000000000 ____D C:\Users\Picek\Desktop\Różne
2017-10-28 15:06 - 2015-06-12 16:02 - 000000000 ____D C:\Users\Picek\AppData\Roaming\DAEMON Tools Lite
2017-10-28 15:04 - 2017-08-28 23:04 - 000000000 ____D C:\Windows\Minidump
2017-10-28 09:35 - 2015-06-26 16:17 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-10-27 19:06 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-10-27 13:56 - 2017-08-25 12:21 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 13:56 - 2017-08-25 12:21 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 13:56 - 2017-08-25 12:21 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 13:56 - 2017-05-03 00:40 - 000001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-10-27 13:56 - 2015-06-26 16:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-10-27 13:56 - 2015-06-26 16:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-10-27 13:55 - 2017-08-25 12:21 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 13:55 - 2017-08-25 12:21 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 13:55 - 2017-08-25 12:21 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 13:55 - 2017-08-25 12:21 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 13:55 - 2017-08-25 12:21 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-26 20:22 - 2017-04-29 14:53 - 000000000 ____D C:\Users\Picek\AppData\Local\Bluestacks
2017-10-22 13:23 - 2015-09-08 14:14 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2017-10-21 22:02 - 2015-06-22 15:17 - 000000000 ____D C:\Users\Picek\Documents\My Games
2017-10-21 22:02 - 2015-06-04 20:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-10-21 21:32 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2017-10-21 13:03 - 2009-07-14 04:20 - 000000000 __RHD C:\Users\Public\Libraries
2017-10-21 12:49 - 2015-10-14 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2017-10-21 12:49 - 2015-06-12 19:18 - 000000000 ____D C:\Users\Picek\Documents\Rockstar Games
2017-10-18 15:16 - 2015-06-04 20:46 - 000000000 ____D C:\Windows\Panther
2017-10-12 19:48 - 2015-06-27 22:58 - 000000000 ____D C:\Users\Picek\AppData\Roaming\Origin
2017-10-12 19:48 - 2015-06-27 22:56 - 000000000 ____D C:\ProgramData\Origin
2017-10-11 02:05 - 2017-06-28 22:14 - 000186304 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-10-11 02:05 - 2017-06-28 22:14 - 000152512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-10-11 02:05 - 2016-11-01 09:07 - 001796032 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-10-11 02:05 - 2016-11-01 09:07 - 001577920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-10-11 02:05 - 2016-11-01 09:07 - 000918976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2017-10-11 00:26 - 2017-05-03 00:40 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat

==================== Pliki w katalogu głównym wybranych folderów =======

2015-04-19 13:20 - 2015-04-19 13:20 - 000005872 _____ () C:\Users\Picek\AppData\Roaming\JhABjd0cjBNlDp4kaI3qhX9NvY
2016-09-18 18:36 - 2016-09-18 18:36 - 000000055 _____ () C:\Users\Picek\AppData\Roaming\MouseServer.ini
2017-02-11 20:42 - 2017-02-11 20:42 - 000000004 _____ () C:\Users\Picek\AppData\Roaming\steam_md5.dat
2017-02-09 16:10 - 2017-02-09 16:43 - 000006144 _____ () C:\Users\Picek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-03 21:18 - 2017-11-03 21:18 - 000002399 _____ () C:\Users\Picek\AppData\Local\recently-used.xbel
2015-06-30 09:52 - 2017-05-26 14:48 - 000007600 _____ () C:\Users\Picek\AppData\Local\Resmon.ResmonCfg
2015-06-04 20:15 - 2015-06-04 20:15 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll
[2015-11-22 12:32] - [2010-11-20 05:27] - 001008640 _____ (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E

C:\Windows\SysWOW64\User32.dll
[2015-12-28 12:46] - [2015-12-28 12:46] - 000833024 _____ (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356

C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-07-13 21:11

==================== Koniec  FRST.txt ============================