Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:25-10-2015
Uruchomiony przez SYSTEM  MININT-5JBQ5SV (25-10-2015 13:51:01)
Uruchomiony z G:\
Platform: Windows 7 Home Premium Service Pack 1 (X86) Język: Polski (Polska)
Internet Explorer Wersja 11
Tryb startu: Recovery
Domyślne: ControlSet001
[b]UWAGA!:=====> Jeśli system uruchamia się, FRST należy uruchomić z poziomu Trybu awaryjnego lub normalnego w celu utworzenia kompletnego raportu.[/b]

Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-09] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [904824 2015-08-19] (BlueStack Systems, Inc.)
HKLM\...\Run: [mbot_pl_014010107] => [X]
HKLM\...\RunOnce: [asdsetup] => C:\asdsetup.exe [0 2015-10-25] ()
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0x00000000
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0x00000000
HKLM\...\Policies\Explorer: [NoSetTaskBar] 0
HKLM\...\Policies\Explorer: [NoFileMenu] 0
HKLM\...\Policies\Explorer: [NoNetworkConnections] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0x00000000
HKLM\...\Policies\Explorer: [NoDesktop] 0x00000000
HKLM\...\Policies\Explorer: [MaxRecentDocs] 0
HKLM\...\Policies\Explorer: [NoNetConnectDisconnect] 0
HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 0
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0x00000000
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [ClearRecentDocsOnExit] 0x00000000
HKLM\...\Policies\Explorer: [NoInternetIcon] 0
HKLM\...\Policies\Explorer: [NoStartBanner] 0x00000000
HKLM\...\Policies\Explorer: [NoNetHood] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0x00000000
HKLM\...\Policies\Explorer: [NoWinKey] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoNetConnextDisconnect] 0
HKLM\...\Policies\Explorer: [NoFavoritesMenu] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoSMConfigurePrograms] 0
HKLM\...\Policies\Explorer: [NoControlPanle] 0
HKU\002\...\Run: [AutoConnect] => C:\Program Files\AutoConnect\AutoConnect.exe [310784 2006-12-03] (http://autoconnect.prv.pl)
HKU\002\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKU\004\...\Run: [AutoConnect] => C:\Program Files\AutoConnect\AutoConnect.exe [310784 2006-12-03] (http://autoconnect.prv.pl)
HKU\004\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKU\005\...\Run: [AutoConnect] => C:\Program Files\AutoConnect\AutoConnect.exe [310784 2006-12-03] (http://autoconnect.prv.pl)
HKU\005\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKU\006\...\Run: [AutoConnect] => C:\Program Files\AutoConnect\AutoConnect.exe [310784 2006-12-03] (http://autoconnect.prv.pl)
HKU\006\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKU\007\...\Run: [AutoConnect] => C:\Program Files\AutoConnect\AutoConnect.exe [310784 2006-12-03] (http://autoconnect.prv.pl)
HKU\007\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKU\013 US\...\Run: [AutoConnect] => C:\Program Files\AutoConnect\AutoConnect.exe [310784 2006-12-03] (http://autoconnect.prv.pl)
HKU\013 US\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKU\014\...\Run: [AutoConnect] => C:\Program Files\AutoConnect\AutoConnect.exe [310784 2006-12-03] (http://autoconnect.prv.pl)
HKU\014\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKU\015UK\...\Run: [AutoConnect] => C:\Program Files\AutoConnect\AutoConnect.exe [310784 2006-12-03] (http://autoconnect.prv.pl)
HKU\015UK\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKU\016UK\...\Run: [AutoConnect] => C:\Program Files\AutoConnect\AutoConnect.exe [310784 2006-12-03] (http://autoconnect.prv.pl)
HKU\016UK\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKU\017\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKU\Normalne\...\Run: [uTorrent] => C:\Users\Normalne\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-12] (BitTorrent Inc.)
HKU\Normalne\...\Run: [icq] => C:\Users\Normalne\AppData\Roaming\ICQM\icq.exe [39738376 2015-09-14] (ICQ)
HKU\Normalne\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [437880 2015-08-19] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413304 2015-08-19] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [839288 2015-08-19] (BlueStack Systems, Inc.)
S2 ihpmServer; C:\Program Files\RayDld\ihpmServer.exe [268520 2015-09-25] ()
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2015-04-14] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [132216 2015-08-19] (BlueStack Systems)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2015-10-23] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2015-10-25 18:45 - 2015-10-25 18:45 - 00000000 _____ C:\asdsetup.exe
2015-10-25 18:42 - 2015-10-25 18:42 - 00524288 _____ C:\Windows\System32\config\DEFAULT.bhv
2015-10-25 13:50 - 2015-10-25 13:51 - 00000000 ____D C:\FRST
2015-10-25 13:33 - 2015-10-25 13:33 - 00000000 __SHD C:\found.000
2015-10-23 10:03 - 2015-10-23 10:03 - 00144784 _____ C:\Windows\Minidump\102315-25833-01.dmp
2015-10-22 23:48 - 2015-10-23 10:18 - 00170200 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-10-22 23:48 - 2015-10-22 23:48 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-22 23:47 - 2015-10-22 23:48 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-10-22 23:47 - 2015-10-22 23:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-22 23:47 - 2015-10-05 08:50 - 00094936 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbamchameleon.sys
2015-10-22 23:47 - 2015-10-05 08:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2015-10-22 23:47 - 2015-10-05 08:50 - 00023256 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2015-10-22 23:46 - 2015-10-22 23:47 - 22908888 _____ (Malwarebytes ) C:\Users\002\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-22 23:44 - 2015-10-22 23:44 - 00000000 ____D C:\Users\002\Desktop\mbar
2015-10-22 23:26 - 2015-10-22 23:26 - 00000000 ____D C:\Program Files\7-Zip
2015-10-22 23:23 - 2015-10-22 23:23 - 00000000 ____D C:\Users\002\AppData\Roaming\Macromedia
2015-10-22 23:19 - 2015-10-22 23:19 - 00000000 ____D C:\Users\002\Desktop\Kaspersky.Internet.Security.2015
2015-10-22 23:19 - 2015-10-22 23:19 - 00000000 ____D C:\Users\002\AppData\Roaming\WinRAR
2015-10-22 23:19 - 2015-10-22 23:19 - 00000000 ____D C:\Users\002\AppData\Local\GWX
2015-10-22 23:18 - 2015-10-22 23:18 - 00000000 ____D C:\Users\002\AppData\Roaming\Andy
2015-10-22 23:18 - 2015-10-22 23:18 - 00000000 ____D C:\Users\002\Andy
2015-10-22 23:18 - 2014-07-08 21:47 - 00000265 _____ C:\Users\Normalne\Downloads\Update Patch a Info.txt
2015-10-22 23:18 - 2014-07-07 11:06 - 00000000 ____D C:\Users\Normalne\Downloads\Medicine
2015-10-22 23:01 - 2015-10-22 23:17 - 188531809 _____ C:\Users\002\Desktop\Kaspersky.Internet.Security.2015.rar
2015-10-22 22:42 - 2015-10-22 23:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-22 22:35 - 2015-10-22 22:42 - 173141720 _____ (Kaspersky Lab) C:\Users\Normalne\Downloads\Kaspersky Internet Security 2016.exe
2015-10-22 22:35 - 2015-10-22 22:35 - 00795180 _____ C:\Users\Normalne\Downloads\Reset Trial 2016.rar
2015-10-22 22:34 - 2015-10-22 23:26 - 00000000 ____D C:\Users\Normalne\Downloads\Kaspersky Internet Security 2015+Reset Trial
2015-10-22 22:29 - 2015-10-22 22:34 - 175293078 _____ C:\Users\Normalne\Downloads\Kaspersky Internet Security 2015+Reset Trial.rar
2015-10-22 22:04 - 2015-10-22 22:04 - 00000000 ____D C:\Users\017\Desktop\Old Firefox Data
2015-10-21 11:06 - 2015-10-21 11:06 - 00144784 _____ C:\Windows\Minidump\102115-20607-01.dmp
2015-10-21 10:04 - 2015-10-21 10:04 - 00144784 _____ C:\Windows\Minidump\102115-31839-01.dmp
2015-10-21 10:03 - 2015-10-21 10:03 - 00006736 ____N C:\bootsqm.dat
2015-10-21 01:32 - 2015-10-21 01:32 - 02870984 _____ (ESET) C:\Users\Normalne\Downloads\esetsmartinstaller_plk.exe
2015-10-20 23:40 - 2015-10-23 10:17 - 175064297 _____ C:\Windows\MEMORY.DMP
2015-10-20 23:40 - 2015-10-23 10:17 - 00000000 ____D C:\Windows\Minidump
2015-10-20 23:40 - 2015-10-20 23:40 - 00144784 _____ C:\Windows\Minidump\102115-21777-01.dmp
2015-10-20 23:03 - 2015-10-20 23:03 - 00000000 _____ C:\Users\Normalne\Desktop\3ez48qB4hj.txt
2015-10-20 22:33 - 2015-10-25 12:46 - 00000512 _____ C:\Windows\System32\Drivers\etc\hosts.ics
2015-10-20 22:31 - 2015-10-20 22:31 - 00000000 ____D C:\Program Files\JMicron
2015-10-20 22:31 - 2010-02-25 11:27 - 00098928 _____ (JMicron Technology Corp.) C:\Windows\System32\Drivers\JME.sys
2015-10-20 10:08 - 2015-10-20 10:08 - 00000000 ____D C:\Users\Normalne\Desktop\Old Firefox Data
2015-10-20 09:45 - 2015-10-20 09:45 - 00000000 ____D C:\Users\017\AppData\Roaming\Macromedia
2015-10-19 22:21 - 2015-10-19 23:11 - 00000188 _____ C:\Users\017\Desktop\Nowy dokument tekstowy.txt
2015-10-19 22:16 - 2015-10-19 22:25 - 00000000 ____D C:\Users\017\AppData\Local\Mozilla
2015-10-19 22:16 - 2015-10-19 22:16 - 00000000 ____D C:\Users\017\AppData\Roaming\Mozilla
2015-10-19 22:15 - 2015-10-25 18:42 - 00000000 ____D C:\users\017
2015-10-19 22:15 - 2015-10-19 22:26 - 00000000 ____D C:\Users\017\AppData\Local\VirtualStore
2015-10-19 22:15 - 2015-10-19 22:15 - 00084576 _____ C:\Users\017\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-19 22:15 - 2015-10-19 22:15 - 00000020 ___SH C:\Users\017\ntuser.ini
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 _SHDL C:\Users\017\Ustawienia lokalne
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 _SHDL C:\Users\017\Szablony
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 _SHDL C:\Users\017\Moje dokumenty
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 _SHDL C:\Users\017\Menu Start
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 _SHDL C:\Users\017\Documents\Moje wideo
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 _SHDL C:\Users\017\Documents\Moje obrazy
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 _SHDL C:\Users\017\Documents\Moja muzyka
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 _SHDL C:\Users\017\Dane aplikacji
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 _SHDL C:\Users\017\AppData\Local\Historia
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 _SHDL C:\Users\017\AppData\Local\Dane aplikacji
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 ____D C:\Users\017\AppData\Roaming\ATI
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 ____D C:\Users\017\AppData\Roaming\Andy
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 ____D C:\Users\017\AppData\Roaming\Adobe
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 ____D C:\Users\017\AppData\Local\GWX
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 ____D C:\Users\017\AppData\Local\ATI
2015-10-19 22:15 - 2015-10-19 22:15 - 00000000 ____D C:\Users\017\Andy
2015-10-18 22:04 - 2015-10-18 22:14 - 00000000 ____D C:\Users\016UK\AppData\Local\Mozilla
2015-10-18 22:04 - 2015-10-18 22:04 - 00000000 ____D C:\Users\016UK\AppData\Roaming\Mozilla
2015-10-18 22:01 - 2015-10-18 22:24 - 00000164 _____ C:\Users\016UK\Desktop\Nowy dokument tekstowy.txt
2015-10-18 21:58 - 2015-10-25 18:42 - 00000000 ____D C:\users\016UK
2015-10-18 21:58 - 2015-10-18 22:07 - 00000000 ____D C:\Users\016UK\AppData\Local\VirtualStore
2015-10-18 21:58 - 2015-10-18 21:58 - 00084576 _____ C:\Users\016UK\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-18 21:58 - 2015-10-18 21:58 - 00000020 ___SH C:\Users\016UK\ntuser.ini
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 _SHDL C:\Users\016UK\Ustawienia lokalne
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 _SHDL C:\Users\016UK\Szablony
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 _SHDL C:\Users\016UK\Moje dokumenty
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 _SHDL C:\Users\016UK\Menu Start
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 _SHDL C:\Users\016UK\Documents\Moje wideo
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 _SHDL C:\Users\016UK\Documents\Moje obrazy
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 _SHDL C:\Users\016UK\Documents\Moja muzyka
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 _SHDL C:\Users\016UK\Dane aplikacji
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 _SHDL C:\Users\016UK\AppData\Local\Historia
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 _SHDL C:\Users\016UK\AppData\Local\Dane aplikacji
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 ____D C:\Users\016UK\AppData\Roaming\ATI
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 ____D C:\Users\016UK\AppData\Roaming\Andy
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 ____D C:\Users\016UK\AppData\Roaming\Adobe
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 ____D C:\Users\016UK\AppData\Local\GWX
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 ____D C:\Users\016UK\AppData\Local\ATI
2015-10-18 21:58 - 2015-10-18 21:58 - 00000000 ____D C:\Users\016UK\Andy
2015-10-18 21:43 - 2015-10-18 21:44 - 00000102 _____ C:\Users\015UK\Desktop\aucti.txt
2015-10-17 12:09 - 2015-10-20 10:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-10-16 21:26 - 2015-10-16 21:26 - 00000000 ____D C:\Users\004\AppData\Local\GWX
2015-10-15 15:47 - 2015-10-15 15:47 - 00000000 ____D C:\Users\015UK\AppData\Local\GWX
2015-10-15 14:47 - 2015-10-18 13:47 - 18833096 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
2015-10-12 20:01 - 2015-10-12 20:06 - 00000000 ____D C:\Users\Normalne\Desktop\Ikea
2015-10-07 21:04 - 2015-10-10 13:39 - 00002248 ____H C:\Users\Normalne\Documents\Default.rdp
2015-10-07 19:34 - 2015-10-07 19:34 - 00000000 ____D C:\Users\014\AppData\Local\GWX
2015-10-06 19:56 - 2015-10-06 19:56 - 00000000 ____D C:\Users\Normalne\AppData\Local\GWX
2015-10-06 19:50 - 2015-10-06 19:50 - 00000000 ____D C:\Users\014\AppData\Roaming\Macromedia
2015-10-05 21:45 - 2015-10-16 18:42 - 00000243 _____ C:\Users\015UK\Desktop\Nowy dokument tekstowy.txt
2015-10-05 21:39 - 2015-10-15 18:01 - 00000000 ____D C:\Users\015UK\AppData\Local\Mozilla
2015-10-05 21:39 - 2015-10-05 21:39 - 00000000 ____D C:\Users\015UK\AppData\Roaming\Mozilla
2015-10-05 21:34 - 2015-10-25 18:42 - 00000000 ____D C:\users\015UK
2015-10-05 21:34 - 2015-10-05 21:36 - 00000000 ____D C:\Users\015UK\AppData\Local\VirtualStore
2015-10-05 21:34 - 2015-10-05 21:34 - 00084576 _____ C:\Users\015UK\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-05 21:34 - 2015-10-05 21:34 - 00000020 ___SH C:\Users\015UK\ntuser.ini
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 _SHDL C:\Users\015UK\Ustawienia lokalne
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 _SHDL C:\Users\015UK\Szablony
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 _SHDL C:\Users\015UK\Moje dokumenty
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 _SHDL C:\Users\015UK\Menu Start
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 _SHDL C:\Users\015UK\Documents\Moje wideo
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 _SHDL C:\Users\015UK\Documents\Moje obrazy
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 _SHDL C:\Users\015UK\Documents\Moja muzyka
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 _SHDL C:\Users\015UK\Dane aplikacji
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 _SHDL C:\Users\015UK\AppData\Local\Historia
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 _SHDL C:\Users\015UK\AppData\Local\Dane aplikacji
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 ____D C:\Users\015UK\AppData\Roaming\ATI
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 ____D C:\Users\015UK\AppData\Roaming\Andy
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 ____D C:\Users\015UK\AppData\Roaming\Adobe
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 ____D C:\Users\015UK\AppData\Local\ATI
2015-10-05 21:34 - 2015-10-05 21:34 - 00000000 ____D C:\Users\015UK\Andy
2015-10-05 21:22 - 2015-10-05 21:22 - 00000000 ____D C:\Program Files\predm
2015-10-05 21:19 - 2015-10-05 21:19 - 00000000 ____D C:\Users\Normalne\AppData\Local\CrashRpt
2015-10-05 21:18 - 2015-10-05 21:25 - 00000000 ____D C:\Users\Normalne\AppData\Roaming\Opera Software
2015-10-05 21:18 - 2015-10-05 21:25 - 00000000 ____D C:\Users\Normalne\AppData\Local\Opera Software
2015-10-05 21:14 - 2015-10-05 21:25 - 00000000 ____D C:\Program Files\Opera
2015-10-05 21:14 - 2015-10-05 21:15 - 00000000 ____D C:\Program Files\RayDld
2015-10-05 21:13 - 2015-10-21 02:06 - 00000000 ____D C:\Program Files\Windows Loader
2015-10-05 21:13 - 2015-10-05 21:13 - 00001130 _____ C:\Users\Normalne\Desktop\Continue installation .lnk
2015-10-01 22:58 - 2015-10-01 22:58 - 00000000 ____D C:\Users\Normalne\AppData\Local\Adobe
2015-10-01 22:57 - 2015-10-01 22:57 - 01190616 _____ (Adobe Systems Incorporated) C:\Users\Normalne\Downloads\flashplayer19_ha_install.exe
2015-09-30 23:00 - 2015-10-05 20:49 - 00000196 _____ C:\Users\014\Desktop\Nowy dokument tekstowy.txt
2015-09-30 22:46 - 2015-09-30 23:01 - 00000000 ____D C:\Users\014\AppData\Local\Mozilla
2015-09-30 22:46 - 2015-09-30 22:46 - 00000000 ____D C:\Users\014\AppData\Roaming\Mozilla
2015-09-30 22:29 - 2015-10-25 18:42 - 00000000 ____D C:\users\014
2015-09-30 22:29 - 2015-09-30 22:46 - 00000000 ____D C:\Users\014\AppData\Local\VirtualStore
2015-09-30 22:29 - 2015-09-30 22:29 - 00084576 _____ C:\Users\014\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-30 22:29 - 2015-09-30 22:29 - 00000020 ___SH C:\Users\014\ntuser.ini
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 _SHDL C:\Users\014\Ustawienia lokalne
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 _SHDL C:\Users\014\Szablony
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 _SHDL C:\Users\014\Moje dokumenty
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 _SHDL C:\Users\014\Menu Start
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 _SHDL C:\Users\014\Documents\Moje wideo
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 _SHDL C:\Users\014\Documents\Moje obrazy
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 _SHDL C:\Users\014\Documents\Moja muzyka
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 _SHDL C:\Users\014\Dane aplikacji
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 _SHDL C:\Users\014\AppData\Local\Historia
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 _SHDL C:\Users\014\AppData\Local\Dane aplikacji
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 ____D C:\Users\014\AppData\Roaming\ATI
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 ____D C:\Users\014\AppData\Roaming\Andy
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 ____D C:\Users\014\AppData\Roaming\Adobe
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 ____D C:\Users\014\AppData\Local\ATI
2015-09-30 22:29 - 2015-09-30 22:29 - 00000000 ____D C:\Users\014\Andy
2015-09-29 10:03 - 2015-09-29 10:06 - 00000049 _____ C:\Users\013 US\Desktop\Nowy dokument tekstowy.txt
2015-09-29 10:00 - 2015-09-29 10:08 - 00000000 ____D C:\Users\013 US\AppData\Local\Mozilla
2015-09-29 10:00 - 2015-09-29 10:00 - 00000000 ____D C:\Users\013 US\AppData\Roaming\Mozilla
2015-09-29 09:58 - 2015-10-25 18:42 - 00000000 ____D C:\users\013 US
2015-09-29 09:58 - 2015-09-29 09:59 - 00000000 ____D C:\Users\013 US\AppData\Local\VirtualStore
2015-09-29 09:58 - 2015-09-29 09:58 - 00084576 _____ C:\Users\013 US\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-29 09:58 - 2015-09-29 09:58 - 00000020 ___SH C:\Users\013 US\ntuser.ini
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 _SHDL C:\Users\013 US\Ustawienia lokalne
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 _SHDL C:\Users\013 US\Szablony
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 _SHDL C:\Users\013 US\Moje dokumenty
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 _SHDL C:\Users\013 US\Menu Start
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 _SHDL C:\Users\013 US\Documents\Moje wideo
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 _SHDL C:\Users\013 US\Documents\Moje obrazy
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 _SHDL C:\Users\013 US\Documents\Moja muzyka
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 _SHDL C:\Users\013 US\Dane aplikacji
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 _SHDL C:\Users\013 US\AppData\Local\Historia
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 _SHDL C:\Users\013 US\AppData\Local\Dane aplikacji
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 ____D C:\Users\013 US\AppData\Roaming\ATI
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 ____D C:\Users\013 US\AppData\Roaming\Andy
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 ____D C:\Users\013 US\AppData\Roaming\Adobe
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 ____D C:\Users\013 US\AppData\Local\ATI
2015-09-29 09:58 - 2015-09-29 09:58 - 00000000 ____D C:\Users\013 US\Andy
2015-09-29 09:40 - 2015-10-05 21:01 - 00000000 ____D C:\users\012 UK
2015-09-28 23:44 - 2015-09-28 23:44 - 00000000 ____D C:\Users\004\AppData\Roaming\Andy
2015-09-28 23:44 - 2015-09-28 23:44 - 00000000 ____D C:\Users\004\Andy
2015-09-28 23:43 - 2015-09-28 23:43 - 00000000 ____D C:\Users\005\AppData\Roaming\Andy
2015-09-28 23:43 - 2015-09-28 23:43 - 00000000 ____D C:\Users\005\Andy
2015-09-28 09:37 - 2015-10-15 15:58 - 00000226 _____ C:\Users\Normalne\Desktop\Prepaid.txt
2015-09-27 22:49 - 2015-09-28 23:49 - 00000000 ____D C:\users\011
2015-09-27 22:32 - 2015-09-28 23:42 - 00000000 ____D C:\Users\Normalne\Karty
2015-09-27 21:42 - 2015-09-27 21:44 - 00000000 ____D C:\Users\007\.VirtualBox
2015-09-27 21:42 - 2015-09-27 21:42 - 00000000 ____D C:\Users\007\.android
2015-09-27 21:41 - 2015-09-27 21:44 - 00000000 ____D C:\Users\007\AppData\Roaming\Andy
2015-09-27 21:41 - 2015-09-27 21:44 - 00000000 ____D C:\Users\007\Andy
2015-09-26 19:51 - 2015-09-26 19:53 - 00000000 ____D C:\Users\Normalne\.VirtualBox
2015-09-26 19:51 - 2015-09-26 19:51 - 00001624 _____ C:\Users\Public\Desktop\Start Andy.lnk
2015-09-26 19:51 - 2015-09-26 19:51 - 00000000 ____D C:\Users\Normalne\.android
2015-09-26 19:50 - 2015-07-10 12:31 - 00749152 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxDrv.sys
2015-09-26 19:49 - 2015-09-26 19:49 - 00000000 ____D C:\ProgramData\Apple
2015-09-26 19:49 - 2015-09-26 19:49 - 00000000 ____D C:\Program Files\Oracle
2015-09-26 19:49 - 2015-07-10 12:31 - 00104896 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxUSBMon.sys
2015-09-26 19:48 - 2015-09-26 19:49 - 01768016 _____ C:\Users\Normalne\Downloads\Andy_Android_Emulator_v45_32(2).exe
2015-09-26 19:46 - 2015-09-26 19:54 - 00000000 ____D C:\Users\Normalne\Andy
2015-09-26 19:46 - 2015-09-26 19:46 - 01768016 _____ C:\Users\Normalne\Downloads\Andy_Android_Emulator_v45_32(1).exe
2015-09-26 19:44 - 2015-09-26 19:46 - 00000000 ____D C:\Program Files\AndyOfflineInstaller45
2015-09-26 19:38 - 2015-09-27 17:28 - 00000000 ___RD C:\Users\Normalne\AppData\Roaming\Andy_45_Online
2015-09-26 19:38 - 2015-09-26 19:54 - 00000000 ____D C:\Users\Normalne\AppData\Roaming\Andy
2015-09-26 19:38 - 2015-09-26 19:48 - 00000000 ____D C:\Program Files\Andy
2015-09-26 19:38 - 2015-09-26 19:38 - 01768016 _____ C:\Users\Normalne\Downloads\Andy_Android_Emulator_v45_32.exe
2015-09-26 19:28 - 2015-09-26 19:28 - 00001813 _____ C:\Users\Public\Desktop\Apps.lnk
2015-09-26 19:28 - 2015-09-26 19:28 - 00001769 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-09-26 19:26 - 2015-09-26 19:26 - 00000000 ____D C:\ProgramData\BlueStacks
2015-09-26 19:26 - 2015-09-26 19:26 - 00000000 ____D C:\Program Files\BlueStacks
2015-09-26 19:25 - 2015-09-26 19:25 - 00000000 ____D C:\Users\Normalne\AppData\Local\Bluestacks
2015-09-26 19:24 - 2015-09-26 19:25 - 14634624 _____ (BlueStack Systems Inc.) C:\Users\Normalne\Downloads\ThinInstaller_native.exe
2015-09-25 20:06 - 2015-09-25 20:06 - 00000190 _____ C:\Users\006\Desktop\opis.txt

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2015-10-25 18:42 - 2015-09-17 20:53 - 00000000 ____D C:\users\007
2015-10-25 18:42 - 2015-09-17 20:42 - 00000000 ____D C:\users\006
2015-10-25 18:42 - 2015-09-14 21:15 - 00000000 ____D C:\users\005
2015-10-25 18:42 - 2015-09-10 11:53 - 00000000 ____D C:\users\004
2015-10-25 18:42 - 2015-09-09 11:45 - 00000000 ____D C:\users\Normalne
2015-10-25 18:42 - 2015-09-09 10:57 - 00000000 ____D C:\users\002
2015-10-25 13:36 - 2011-04-12 06:08 - 00739932 _____ C:\Windows\System32\perfh015.dat
2015-10-25 13:36 - 2011-04-12 06:08 - 00155474 _____ C:\Windows\System32\perfc015.dat
2015-10-25 13:36 - 2010-11-20 22:01 - 01668226 _____ C:\Windows\System32\PerfStringBackup.INI
2015-10-25 13:35 - 2015-09-14 20:34 - 00262144 _____ C:\Windows\System32\Ikeext.etl
2015-10-25 13:34 - 2015-04-15 19:47 - 00018337 _____ C:\Windows\setupact.log
2015-10-25 12:46 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2015-10-23 11:41 - 2015-09-08 23:44 - 00000000 _____ C:\Windows\System32\authui.dll
2015-10-23 11:39 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\LogFiles
2015-10-23 10:20 - 2015-09-06 17:46 - 01482128 _____ C:\Windows\WindowsUpdate.log
2015-10-23 10:11 - 2009-07-14 05:34 - 00028320 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-23 10:11 - 2009-07-14 05:34 - 00028320 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-23 10:08 - 2015-09-10 22:05 - 00000000 ____D C:\Users\Normalne\AppData\Roaming\uTorrent
2015-10-23 10:04 - 2015-09-18 20:18 - 00000000 ____D C:\Users\Normalne\AppData\LocalLow\uTorrent
2015-10-23 10:02 - 2015-09-06 21:29 - 00002776 _____ C:\Windows\PFRO.log
2015-10-20 09:20 - 2015-09-06 21:45 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-10-19 22:58 - 2015-09-06 21:45 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-19 22:55 - 2015-09-06 18:28 - 00014618 _____ C:\Windows\DPINST.LOG
2015-10-19 22:10 - 2015-09-19 16:00 - 00000522 _____ C:\Users\Normalne\Desktop\proxy russia1.txt
2015-10-18 13:47 - 2015-09-09 00:39 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2015-10-18 13:47 - 2015-09-09 00:39 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2015-10-15 14:57 - 2015-09-19 16:00 - 00000606 _____ C:\Users\Normalne\Desktop\webmoney.txt
2015-09-29 22:38 - 2015-09-20 17:56 - 00000000 ____D C:\users\010UK (New ip & Num)
2015-09-29 22:14 - 2015-09-19 18:25 - 00000000 ____D C:\users\009
2015-09-28 23:41 - 2015-09-17 21:01 - 00000217 _____ C:\Users\007\Desktop\007 dobra do pp.txt
2015-09-26 21:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2015-09-26 20:25 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-26 19:28 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries
2015-09-26 11:10 - 2015-09-19 15:56 - 00000000 ____D C:\users\008
2015-09-25 20:02 - 2015-09-17 20:43 - 00000196 _____ C:\Users\006\Desktop\Nowy dokument tekstowy.txt

Niektóre pliki w TEMP:
====================
C:\Users\Normalne\AppData\Local\Temp\genteert.dll
C:\Users\Normalne\AppData\Local\Temp\Opera_NI_stable.exe


==================== Known DLLs (filtrowane) =========================


==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\explorer.exe => MD5 jest poprawne
C:\Windows\System32\winlogon.exe => MD5 jest poprawne
C:\Windows\System32\wininit.exe => MD5 jest poprawne
C:\Windows\System32\svchost.exe => MD5 jest poprawne
C:\Windows\System32\services.exe
[2015-09-07 19:23] - [2015-04-13 04:19] - 0259072 ____A (Microsoft Corporation) 0780A42DBD7D9969F9BF4A19AA4285B5

C:\Windows\System32\User32.dll => MD5 jest poprawne
C:\Windows\System32\userinit.exe => MD5 jest poprawne
C:\Windows\System32\rpcss.dll => MD5 jest poprawne
C:\Windows\System32\dnsapi.dll => MD5 jest poprawne
C:\Windows\System32\Drivers\volsnap.sys => MD5 jest poprawne

==================== EXE - Powiązania (filtrowane) =============


==================== Punkty Przywracania systemu  =========================

Data punktu przywracania: 2015-10-19 22:54
Data punktu przywracania: 2015-10-19 22:55
Data punktu przywracania: 2015-10-21 02:41
Data punktu przywracania: 2015-10-23 10:06

==================== Statystyki pamięci =========================== 

Procent pamięci w użyciu: 12%
Całkowita pamięć fizyczna: 3948.57 MB
Dostępna pamięć fizyczna: 3449.18 MB
Całkowita pamięć wirtualna: 3946.86 MB
Dostępna pamięć wirtualna: 3452.37 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:100 GB) (Free:61.12 GB) NTFS
Drive e: () (Fixed) (Total:197.99 GB) (Free:197.9 GB) NTFS
Drive g: (CD_ROM) (Removable) (Total:1.85 GB) (Free:1.82 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 98982EB3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=198 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 003F5245)
Partition 1: (Active) - (Size=1.9 GB) - (Type=07 NTFS)


LastRegBack: 2015-10-10 14:04

==================== Koniec  FRST.txt ============================