Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:10-04-2016 01 Uruchomiony przez Bajan (administrator) G750 (11-04-2016 22:09:41) Uruchomiony z C:\Users\Bajan\Downloads Załadowane profile: Bajan (Dostępne profile: Bajan) Platform: Windows 10 Home Wersja 1511 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Valve Corporation) E:\Programy\Steam\Steam.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (ASUS) C:\Program Files\ASUS\ASUS GPU Tweak\GPUTweak.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Valve Corporation) E:\Programy\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348712 2015-06-22] (ELAN Microelectronics Corp.) HKLM\...\Run: [Thunderbolt] => C:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe [767944 2013-10-25] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397752 2016-03-24] (NVIDIA Corporation) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKU\S-1-5-21-3747112732-852065818-843328708-1001\...\Run: [Steam] => E:\Programy\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation) HKU\S-1-5-21-3747112732-852065818-843328708-1001\...\Run: [ALLUpdate] => E:\Programy\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{0976fe28-8121-4b57-99ee-d38ea24b9c67}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{4229b922-af27-44e0-bb0b-aca48620ab81}: [DhcpNameServer] 192.168.1.2 192.168.1.4 8.8.8.8 Tcpip\..\Interfaces\{E5781080-DB85-42C4-8CB1-3659C7ECE68C}: [DhcpNameServer] 10.77.0.254 Internet Explorer: ================== HKU\S-1-5-21-3747112732-852065818-843328708-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-3747112732-852065818-843328708-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Bajan\AppData\Roaming\Mozilla\Firefox\Profiles\1o9enw8a.default-1441904796788 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Extension: Adblock Plus - C:\Users\Bajan\AppData\Roaming\Mozilla\Firefox\Profiles\1o9enw8a.default-1441904796788\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-04] Chrome: ======= CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M191AFA8C-386D-4C06-AF7A-6C8DA97E394D&SearchSource=55&CUI=&UM=8&UP=SP1FAD61C9-73BA-4AE4-946C-A11F550D6A54&SSPV=SP2201TB_sp_ch&SSPV=SP2201TB_sp_ch CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Bajan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Bajan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-23] CHR Extension: (Dokumenty Google) - C:\Users\Bajan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-23] CHR Extension: (Dysk Google) - C:\Users\Bajan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Bajan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Adblock Plus) - C:\Users\Bajan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09] CHR Extension: (Google Search) - C:\Users\Bajan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Arkusze Google) - C:\Users\Bajan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-23] CHR Extension: (Dokumenty Google offline) - C:\Users\Bajan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Bajan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Gmail) - C:\Users\Bajan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-23] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-05-29] (EasyAntiCheat Ltd) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [361376 2015-09-30] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Brak podpisu cyfrowego] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation) S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2015-08-06] (PowerUp Software, LLC) [Brak podpisu cyfrowego] S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Brak podpisu cyfrowego] S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [814064 2015-12-22] (Tunngle.net GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [19192 2015-07-16] (Intel(R) Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-01-02] (Atheros) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-02-23] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-02-23] (ESET) R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-02-23] (ESET) R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET) S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [100072 2013-08-02] (GenesysLogic) R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation) R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider) R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11973 2016-03-27] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Brak podpisu cyfrowego] R3 tap0901t; C:\Windows\System32\drivers\tap0901t.sys [40568 2015-12-04] (Tunngle.net) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 zttap200; C:\Windows\System32\drivers\zttap200.sys [31896 2014-03-05] () S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-11 22:09 - 2016-04-11 22:09 - 00014526 _____ C:\Users\Bajan\Downloads\FRST.txt 2016-04-11 22:04 - 2016-04-11 22:04 - 00014992 _____ C:\Users\Bajan\Downloads\Fixlog.txt 2016-04-11 22:03 - 2016-04-11 22:03 - 02375168 _____ (Farbar) C:\Users\Bajan\Downloads\FRST64.exe 2016-04-11 12:35 - 2016-04-11 12:35 - 00000000 ____D C:\Users\Bajan\AppData\Local\LOOT 2016-04-10 15:14 - 2016-04-10 15:14 - 00000000 ____D C:\Users\Bajan\AppData\Local\MercurySteam 2016-04-10 15:14 - 2016-04-10 15:14 - 00000000 ____D C:\Users\Bajan\AppData\Local\EMU 2016-04-10 15:00 - 2016-04-10 15:03 - 00000000 ____D C:\Users\Bajan\Documents\Endless Legend 2016-04-10 15:00 - 2016-04-10 15:00 - 00000000 ____D C:\Users\Bajan\AppData\LocalLow\AMPLITUDE Studios 2016-04-10 00:05 - 2016-04-10 00:05 - 00001750 _____ C:\Users\Public\Desktop\Mirror's Edge™.lnk 2016-04-09 23:59 - 2016-04-09 23:59 - 00000000 ____D C:\WINDOWS\E4D153288C89484BB9AAF5BE9EA6D01C.TMP 2016-04-09 23:30 - 2016-04-09 23:30 - 00000000 ____D C:\Users\Bajan\AppData\LocalLow\uTorrent 2016-04-09 23:18 - 2016-04-09 23:18 - 00001143 _____ C:\Users\Public\Desktop\Castlevania Lords of Shadow - Ultimate Edition.lnk 2016-04-09 20:11 - 2016-04-09 20:11 - 00000000 ____D C:\Users\Bajan\Documents\Hitman Blood Money 2016-04-09 20:08 - 2016-04-09 20:08 - 00098304 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt.dll 2016-04-09 20:05 - 2016-04-09 20:05 - 00000441 _____ C:\Users\Public\Desktop\Launch Hitman Blood Money.lnk 2016-04-09 20:05 - 2016-04-09 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos 2016-04-09 00:07 - 2016-04-09 00:08 - 00000000 ____D C:\Users\Bajan\AppData\Roaming\Zeno.saga1 2016-04-09 00:01 - 2016-04-09 00:01 - 00000000 ____D C:\Users\Bajan\AppData\Roaming\TheBannerSaga 2016-04-08 21:30 - 2016-04-08 21:30 - 00000940 _____ C:\Users\Bajan\Desktop\The Banner Saga (Mod Content).lnk 2016-04-08 21:30 - 2016-04-08 21:30 - 00000837 _____ C:\Users\Bajan\Desktop\The Banner Saga.lnk 2016-04-08 21:30 - 2016-04-08 21:30 - 00000000 ____D C:\Users\Bajan\AppData\Roaming\The Banner Saga 2016-04-08 14:15 - 2016-04-08 14:15 - 00001548 _____ C:\Users\Bajan\Desktop\VSYNC.lnk 2016-04-02 22:31 - 2016-04-02 22:31 - 00000691 _____ C:\Users\Public\Desktop\Overlord II.lnk 2016-04-02 17:27 - 2016-04-02 17:27 - 00000891 _____ C:\Users\Public\Desktop\Kerbal Space Program.lnk 2016-04-02 16:20 - 2016-04-02 16:20 - 00000000 ____D C:\Users\Bajan\Desktop\saves 2016-04-02 16:20 - 2016-04-02 16:20 - 00000000 ____D C:\Users\Bajan\Desktop\MechJeb2 2016-04-01 20:29 - 2016-04-09 18:17 - 00000000 ____D C:\Users\Bajan\AppData\Local\HyperLightDrifter 2016-04-01 20:17 - 2016-04-01 20:17 - 00000873 _____ C:\Users\Public\Desktop\Hyper Light Drifter.lnk 2016-04-01 20:17 - 2016-04-01 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hyper Light Drifter [GOG.com] 2016-03-31 18:54 - 2016-03-31 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 2016-03-31 18:53 - 2016-03-31 18:54 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2016-03-31 18:52 - 2016-03-22 06:08 - 42923576 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 37567424 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 31594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 25350080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 21364536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 20906168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 20074728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 17755928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 17369448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 17349776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 17328008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 14226672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 10550552 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 08659472 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 02614208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 02260024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436472.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436472.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00960056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00889400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00751552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00695864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00678520 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00572096 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00379296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00317656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-03-31 18:52 - 2016-03-22 06:08 - 00038050 _____ C:\WINDOWS\system32\nvinfo.pb 2016-03-31 18:52 - 2016-03-22 06:08 - 00000139 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2016-03-31 18:52 - 2016-03-22 06:08 - 00000139 _____ C:\WINDOWS\system32\nv-vk64.json 2016-03-31 11:47 - 2016-03-31 11:47 - 00000000 ____D C:\Users\Bajan\AppData\Roaming\ipla 2016-03-31 11:47 - 2016-03-31 11:47 - 00000000 ____D C:\ProgramData\RDRM 2016-03-31 11:46 - 2016-03-31 11:51 - 00000000 ____D C:\Program Files (x86)\ipla 2016-03-31 11:46 - 2016-03-31 11:46 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2016-03-29 21:46 - 2016-03-29 21:46 - 00000875 _____ C:\Users\Bajan\Desktop\The Walking Dead Michonne Episode 2.lnk 2016-03-29 21:46 - 2016-03-29 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Walking Dead Michonne Episode 2 2016-03-29 12:31 - 2016-03-29 12:31 - 00000000 ____D C:\Users\Bajan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra 2016-03-29 12:26 - 2016-03-29 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.W.A.T. 4 2016-03-29 01:15 - 2016-03-29 01:15 - 00000000 ____D C:\Users\Bajan\AppData\Local\Activision 2016-03-28 19:24 - 2016-03-28 22:48 - 00000000 ____D C:\Users\Bajan\AppData\Local\Warframe 2016-03-28 16:47 - 2016-03-28 22:55 - 00000727 _____ C:\Users\Bajan\Desktop\VBM.lnk 2016-03-27 22:35 - 2016-04-06 00:47 - 00000681 _____ C:\Users\Bajan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VTM Bloodlines Unofficial Patch.lnk 2016-03-27 22:32 - 2016-03-27 22:32 - 00003212 _____ C:\WINDOWS\System32\Tasks\{5B1A65C5-C945-41DD-85B8-4D53D5162075} 2016-03-27 22:32 - 2016-03-27 22:32 - 00000254 _____ C:\WINDOWS\vtmb.ini 2016-03-27 22:32 - 2016-03-27 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampire - The Masquerade Bloodlines 2016-03-27 12:13 - 2016-03-27 22:32 - 00011973 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS 2016-03-24 21:10 - 2016-03-24 21:10 - 00000775 _____ C:\Users\Bajan\Desktop\PTE Patch.lnk 2016-03-22 17:11 - 2016-03-22 17:11 - 00000000 ____D C:\Users\Bajan\Desktop\KF@ save 2016-03-18 14:55 - 2016-03-22 00:13 - 00000000 ____D C:\Users\Bajan\Desktop\Bajan 2016-03-16 23:30 - 2016-03-16 23:30 - 00128792 _____ C:\WINDOWS\SysWOW64\vulkan-1-1-0-5-1.dll 2016-03-16 23:29 - 2016-03-16 23:29 - 00127768 _____ C:\WINDOWS\system32\vulkan-1-1-0-5-1.dll 2016-03-16 23:29 - 2016-03-16 23:29 - 00041752 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-5-1.exe 2016-03-16 23:28 - 2016-03-16 23:28 - 00045848 _____ C:\WINDOWS\system32\vulkaninfo-1-1-0-5-1.exe 2016-03-15 00:21 - 2016-03-15 00:21 - 00000968 _____ C:\Users\Public\Desktop\Deus Ex - GMDX.lnk 2016-03-15 00:21 - 2016-03-15 00:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus Ex - Total Graphic Overhaul 2016-03-15 00:21 - 2016-03-15 00:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus Ex - GMDX 2016-03-15 00:11 - 2016-03-15 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus Ex GOTY [GOG.com] 2016-03-15 00:11 - 2016-03-15 00:11 - 00000860 _____ C:\Users\Public\Desktop\Deus Ex GOTY.lnk 2016-03-13 22:16 - 2016-03-13 22:16 - 00000000 ____D C:\Users\Bajan\Documents\Endless Space 2016-03-13 21:56 - 2016-03-13 21:56 - 00000781 _____ C:\Users\Public\Desktop\Endless Space Gold.lnk 2016-03-13 21:56 - 2016-03-13 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amplitude Studios 2016-03-12 19:11 - 2016-03-12 19:11 - 00001170 _____ C:\Users\Bajan\Desktop\Wargame 2.lnk ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-11 22:09 - 2016-03-10 20:02 - 00000000 ____D C:\FRST 2016-04-11 22:07 - 2015-09-15 14:37 - 00000062 _____ C:\Users\Bajan\AppData\Roaming\sp_data.sys 2016-04-11 22:06 - 2015-07-31 12:31 - 00000000 __SHD C:\Users\Bajan\IntelGraphicsProfiles 2016-04-11 22:06 - 2015-06-23 13:12 - 00001062 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-11 22:05 - 2015-12-03 20:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-04-11 22:05 - 2015-12-03 20:32 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-04-11 22:05 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-04-11 21:56 - 2015-09-14 12:01 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-04-11 21:53 - 2015-11-08 23:17 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2016-04-11 21:51 - 2015-06-23 13:12 - 00001066 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-11 21:48 - 2015-07-28 19:10 - 00007597 _____ C:\Users\Bajan\AppData\Local\Resmon.ResmonCfg 2016-04-11 20:44 - 2015-03-24 22:18 - 00000000 ____D C:\Users\Bajan\AppData\Roaming\Tunngle 2016-04-11 20:34 - 2015-03-23 16:15 - 00000156 _____ C:\Users\Public\GPUControlSetting.xml 2016-04-11 20:31 - 2015-12-03 20:36 - 00000000 ____D C:\Users\Bajan 2016-04-11 20:29 - 2015-12-03 20:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-04-11 20:29 - 2015-12-03 20:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-04-11 20:29 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-04-11 20:29 - 2015-09-07 23:53 - 00000000 ____D C:\Users\Bajan\AppData\Local\NVIDIA 2016-04-11 20:29 - 2015-03-23 16:15 - 00000000 ____D C:\Users\Bajan\AppData\Local\NVIDIA Corporation 2016-04-11 20:29 - 2015-01-13 08:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-04-11 19:54 - 2015-03-23 17:18 - 00000000 ____D C:\Users\Bajan\AppData\Roaming\uTorrent 2016-04-11 18:29 - 2015-09-01 14:30 - 00004200 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BB394E6D-E647-468B-B814-6E8CB16F73D4} 2016-04-11 16:37 - 2015-03-23 18:53 - 00000000 ____D C:\Users\Bajan\AppData\Local\CrashDumps 2016-04-11 13:20 - 2015-04-09 00:06 - 00000000 ____D C:\Users\Bajan\Documents\My Games 2016-04-11 13:17 - 2015-11-08 23:16 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner 2016-04-10 21:24 - 2015-04-12 19:36 - 00000000 ____D C:\Users\Bajan\AppData\Roaming\Skype 2016-04-10 00:25 - 2016-02-02 17:39 - 00000000 ____D C:\ProgramData\Tunngle 2016-04-10 00:06 - 2016-02-21 14:12 - 00000000 ____D C:\Users\Bajan\Documents\EA Games 2016-04-09 20:05 - 2015-01-13 08:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-04-09 15:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-04-09 00:01 - 2015-03-25 02:11 - 00000000 ____D C:\Users\Bajan\AppData\Local\SKIDROW 2016-04-08 23:53 - 2015-06-23 13:16 - 00002280 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-08 18:56 - 2015-09-14 12:01 - 00003916 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-04-08 14:10 - 2016-01-28 00:36 - 00000756 _____ C:\Users\Bajan\Desktop\Dragons Dogma Dark Arisen.lnk 2016-04-08 13:02 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-04-07 17:55 - 2015-10-30 21:19 - 00818302 _____ C:\WINDOWS\system32\perfh015.dat 2016-04-07 17:55 - 2015-10-30 21:19 - 00157970 _____ C:\WINDOWS\system32\perfc015.dat 2016-04-07 17:55 - 2015-07-31 12:27 - 01845594 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-04-07 17:44 - 2016-01-16 20:52 - 00000000 ____D C:\Users\Bajan\AppData\Local\Ubisoft Game Launcher 2016-04-07 13:54 - 2015-12-03 20:28 - 00278536 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-06 14:00 - 2015-11-03 01:59 - 00000000 ____D C:\Users\Bajan\AppData\Roaming\SmartSteamEmu 2016-04-05 20:31 - 2015-10-08 22:39 - 00000699 _____ C:\Users\Bajan\Desktop\System Shock 2.lnk 2016-04-05 20:31 - 2015-10-08 22:39 - 00000000 ____D C:\Users\Bajan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Shock 2 2016-04-02 21:22 - 2015-10-26 21:23 - 00000000 ____D C:\Users\Bajan\AppData\Local\Personal_use_only_(Darean 2016-03-31 18:54 - 2016-03-10 21:02 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-03-31 18:54 - 2015-12-03 20:33 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-31 18:40 - 2016-02-02 17:39 - 00001142 _____ C:\Users\Public\Desktop\Tunngle.lnk 2016-03-30 17:27 - 2015-03-24 22:23 - 00000000 _____ C:\WINDOWS\SysWOW64\Access.dat 2016-03-29 23:55 - 2015-12-13 15:39 - 00001049 _____ C:\Users\Bajan\Desktop\PD2.lnk 2016-03-29 12:14 - 2015-03-23 16:14 - 00000000 ____D C:\Users\Bajan\AppData\Local\Packages 2016-03-28 16:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-03-26 09:22 - 2015-03-26 00:50 - 00000000 ____D C:\Users\Bajan\AppData\Roaming\Steam 2016-03-25 03:23 - 2015-11-11 23:36 - 12659136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-03-24 19:30 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-03-23 20:02 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-03-22 06:08 - 2015-11-11 23:36 - 03685280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-03-22 06:08 - 2015-11-11 23:36 - 03263480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-03-22 04:37 - 2015-12-03 20:33 - 06369728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-03-22 04:37 - 2015-12-03 20:33 - 02994744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-03-22 04:37 - 2015-12-03 20:33 - 02561472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-03-22 04:37 - 2015-12-03 20:33 - 01265720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-03-22 04:37 - 2015-12-03 20:33 - 00530880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-03-22 04:37 - 2015-12-03 20:33 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-03-22 04:37 - 2015-12-03 20:33 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-03-22 04:37 - 2015-12-03 20:33 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-03-21 21:47 - 2015-03-23 16:14 - 00000000 ____D C:\Users\Bajan\AppData\Local\VirtualStore 2016-03-21 21:37 - 2015-03-24 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2016-03-21 21:32 - 2015-04-20 22:59 - 00000000 _____ C:\Users\Bajan\.JarClassLoader 2016-03-21 21:31 - 2015-04-20 20:52 - 00004956 _____ C:\Users\Bajan\fsoinstaller.properties 2016-03-20 17:20 - 2016-03-10 20:09 - 00000000 ____D C:\WINDOWS\Minidump 2016-03-18 13:44 - 2015-12-03 20:33 - 06253721 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-03-16 23:30 - 2016-03-10 21:02 - 00128792 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2016-03-16 23:29 - 2016-03-10 21:02 - 00127768 _____ C:\WINDOWS\system32\vulkan-1.dll 2016-03-16 23:29 - 2016-03-10 21:02 - 00041752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2016-03-16 23:28 - 2016-03-10 21:02 - 00045848 _____ C:\WINDOWS\system32\vulkaninfo.exe 2016-03-15 00:49 - 2015-10-27 02:01 - 00000000 ____D C:\Users\Bajan\Documents\Deus Ex 2016-03-14 17:24 - 2016-02-02 17:39 - 00000000 ____D C:\Program Files (x86)\Tunngle ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-09-15 14:37 - 2016-04-11 22:07 - 0000062 _____ () C:\Users\Bajan\AppData\Roaming\sp_data.sys 2015-05-06 14:51 - 2015-05-06 14:51 - 0000000 ___SH () C:\Users\Bajan\AppData\Local\LumaEmu 2015-07-28 19:10 - 2016-04-11 21:48 - 0007597 _____ () C:\Users\Bajan\AppData\Local\Resmon.ResmonCfg 2015-12-03 20:32 - 2015-12-03 20:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-05-15 19:14 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-05-15 19:14 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-05-15 19:14 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-04-11 21:14 ==================== Koniec FRST.txt ============================