Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-03-2017 Uruchomiony przez SYSTEM MININT-VR58EL4 (14-03-2017 18:30:45) Uruchomiony z E:\ Platform: Windows 10 Home Wersja 1607 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 Tryb startu: Recovery Domyślne: ControlSet001 [b]UWAGA!:=====> Jeśli system uruchamia się, FRST należy uruchomić z poziomu Trybu awaryjnego lub normalnego w celu utworzenia kompletnego raportu.[/b] Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.) HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-27] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PWRISOVM.EXE] => E:\Programy\PowerISO\PWRISOVM.EXE -startup HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [TIDAL] => C:\ProgramData\SquirrelMachineInstalls\TIDAL.exe [61872528 2016-09-28] (TIDAL Music AS) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => "E:\Programy\Hamachi\hamachi-2-ui.exe" --auto-start HKLM-x32\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [254776 2017-03-12] (AVG Technologies CZ, s.r.o.) HKLM\...\RunOnce: [GrpConv] => grpconv -o Startup: C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-05-10] ShortcutTarget: Curse.lnk -> C:\windows\system32\config\systemprofile\AppData\Roaming\Curse Client\Bin\Curse.exe (Brak pliku) BootExecute: autocheck autochk * bootdelete ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9655648 2017-02-28] (Emsisoft Ltd) S2 ActiveSMART Service; C:\Program Files (x86)\ActiveSMART 2.97\ASmartService.exe [2062856 2014-09-07] (Ariolic Software, Ltd. (hxxp://www.ariolic.com)) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated) S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) S2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [263720 2017-03-12] (AVG Technologies CZ, s.r.o.) S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7197976 2017-03-12] (AVG Technologies CZ, s.r.o.) S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1257384 2017-02-27] (AVG Technologies CZ, s.r.o.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-02-12] (EasyAntiCheat Ltd) S2 HitmanPro37CrusaderBoot; C:\Users\ja\Desktop\hitmanpro_x64.exe [11581544 2017-03-13] (SurfRight B.V.) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) S2 Realtek11nSU; C:\Program Files (x86)\AirLive WL1600USB\AirLive WL1600USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) S2 ServiceSAM; C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalwareService.exe [3564928 2017-03-10] () S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\Sh4Service.exe [859816 2017-03-14] (Enigma Software Group USA, LLC.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S2 FoxitPhantomService; "E:\Programy\Foxit\Foxit PhantomPDF\FoxitConnectedPDFService.exe" [X] S2 Hamachi2Svc; E:\Programy\Hamachi\x64\hamachi-2.exe -s [X] S3 Origin Client Service; "E:\Programy\Origin\OriginClientService.exe" [X] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AMFsFilter; C:\Windows\System32\DRIVERS\AMFsFilter.sys [26208 2017-03-10] (Security Stronghold) S0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2012-01-06] (Asmedia Technology) S1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [166136 2017-03-12] (AVG Technologies CZ, s.r.o.) S1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [311592 2017-03-12] (AVG Technologies CZ, s.r.o.) S0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192096 2017-03-12] (AVG Technologies CZ, s.r.o.) S0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336920 2017-03-12] (AVG Technologies CZ, s.r.o.) S0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [50848 2017-03-12] (AVG Technologies CZ, s.r.o.) S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39288 2017-03-12] (AVG Technologies CZ, s.r.o.) S2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [127584 2017-03-12] (AVG Technologies CZ, s.r.o.) S1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [101624 2017-03-12] (AVG Technologies CZ, s.r.o.) S0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [76688 2017-03-12] (AVG Technologies CZ, s.r.o.) S1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [994592 2017-03-12] (AVG Technologies CZ, s.r.o.) S1 avgSP; C:\Windows\system32\drivers\avgSP.sys [549912 2017-03-12] (AVG Technologies CZ, s.r.o.) S2 avgStm; C:\Windows\system32\drivers\avgStm.sys [163512 2017-03-12] (AVG Technologies CZ, s.r.o.) S0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [338576 2017-03-12] (AVG Technologies CZ, s.r.o.) S1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124552 2016-11-23] (Emsisoft Ltd) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2017-03-14] () S3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) S4 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [54736 2017-03-14] () S2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-14] (Malwarebytes) S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-14] (Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-14] (Malwarebytes) S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-14] (Malwarebytes) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 idsvc; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-03-14 18:30 - 2017-03-14 18:30 - 00000000 ____D C:\FRST 2017-03-14 18:29 - 2017-03-14 18:29 - 00000000 _____ C:\Recovery.txt 2017-03-14 18:19 - 2017-03-14 18:19 - 02424832 _____ (Farbar) C:\Users\ja\Desktop\FRST.exe 2017-03-14 14:50 - 2017-03-14 14:57 - 00000000 ____D C:\Users\Public\Documents\Stronghold AntiMalware 2017-03-14 14:50 - 2017-03-14 14:50 - 00001377 _____ C:\Users\ja\Desktop\Stronghold AntiMalware.lnk 2017-03-14 14:50 - 2017-03-14 14:50 - 00000000 ____D C:\Program Files (x86)\Stronghold AntiMalware 2017-03-14 14:50 - 2017-03-10 15:32 - 00026208 _____ (Security Stronghold) C:\Windows\System32\Drivers\AMFsFilter.sys 2017-03-14 13:34 - 2017-03-14 13:34 - 00001132 _____ C:\Users\ja\Desktop\SpyHunter.lnk 2017-03-14 13:34 - 2017-03-14 13:34 - 00000000 ____D C:\Users\ja\AppData\Roaming\Enigma Software Group 2017-03-14 13:34 - 2017-03-14 13:34 - 00000000 ____D C:\sh4ldr 2017-03-14 13:33 - 2017-03-14 14:50 - 08398808 _____ (Security Stronghold ) C:\Users\ja\Desktop\StrongholdAntiMalware.exe 2017-03-14 13:33 - 2017-03-14 13:33 - 04615856 _____ (Enigma Software Group USA, LLC.) C:\Users\ja\Desktop\SpyHunter-Installer.exe 2017-03-14 13:33 - 2017-03-14 13:33 - 00022704 _____ C:\Windows\System32\Drivers\EsgScanner.sys 2017-03-14 13:33 - 2017-03-14 13:33 - 00000000 ____D C:\Program Files\Enigma Software Group 2017-03-14 13:21 - 2017-03-14 13:21 - 00012872 _____ (SurfRight B.V.) C:\Windows\System32\bootdelete.exe 2017-03-14 13:21 - 2017-03-14 13:21 - 00001226 _____ C:\Windows\System32\.crusader 2017-03-14 13:21 - 2017-03-14 13:21 - 00000800 _____ C:\Windows\System32\bootdelete.lst 2017-03-14 13:15 - 2017-03-14 13:15 - 00000000 __SHD C:\Users\ja\AppData\Local\EmieBrowserModeList 2017-03-13 19:08 - 2017-03-13 19:08 - 00000000 ____D C:\Windows\System32\%LOCALAPPDATA% 2017-03-13 18:36 - 2017-03-13 18:36 - 00000000 ____D C:\Users\ja\AppData\Local\ESET 2017-03-13 18:33 - 2017-03-13 18:36 - 06756992 _____ (ESET spol. s r.o.) C:\Users\ja\Desktop\ESETOnlineScanner_PLK.exe 2017-03-13 17:43 - 2017-03-14 13:18 - 00054736 _____ C:\Windows\System32\Drivers\hitmanpro37.sys 2017-03-13 17:43 - 2017-03-13 18:20 - 00000000 ____D C:\ProgramData\HitmanPro 2017-03-13 17:42 - 2017-03-14 13:14 - 00251840 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2017-03-13 17:42 - 2017-03-14 13:14 - 00186304 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMChameleon.sys 2017-03-13 17:42 - 2017-03-14 13:14 - 00043968 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys 2017-03-13 17:42 - 2017-03-14 13:13 - 00092088 _____ (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys 2017-03-13 17:42 - 2017-03-13 18:29 - 04031440 _____ C:\Users\ja\Desktop\adwcleaner_6.044.exe 2017-03-13 17:42 - 2017-03-13 17:42 - 00111544 _____ (Malwarebytes) C:\Windows\System32\Drivers\farflt.sys 2017-03-13 17:42 - 2017-03-13 17:42 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-03-13 17:42 - 2017-03-13 17:42 - 00000000 ____D C:\Program Files\Malwarebytes 2017-03-13 17:42 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\System32\Drivers\mbae64.sys 2017-03-13 17:40 - 2017-03-13 17:43 - 11581544 _____ (SurfRight B.V.) C:\Users\ja\Desktop\hitmanpro_x64.exe 2017-03-13 17:40 - 2017-03-13 17:42 - 57131432 _____ (Malwarebytes ) C:\Users\ja\Desktop\mb3-setup-consumer-3.0.6.1469-1075.exe 2017-03-13 17:09 - 2017-03-13 17:09 - 03448880 _____ C:\Users\ja\Desktop\avg_remover_slt.exe 2017-03-13 00:05 - 2017-03-13 17:30 - 00000000 ____D C:\Users\ja\Doctor Web 2017-03-13 00:03 - 2017-03-13 00:05 - 149005448 _____ C:\Users\ja\Desktop\r25sydzj.exe 2017-03-12 23:46 - 2017-03-13 00:13 - 00295520 _____ (Kaspersky Lab ZAO) C:\Users\ja\Desktop\salitykiller.exe 2017-03-12 23:00 - 2017-03-12 23:00 - 00000000 ____D C:\Users\ja\AppData\Roaming\AVG 2017-03-12 22:57 - 2017-03-12 22:58 - 00549912 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgsp.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00994592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgSnx.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00399392 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\avgBoot.exe 2017-03-12 22:57 - 2017-03-12 22:57 - 00338576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgVmm.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00336920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgbloga.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00311592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgbidsdrivera.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00192096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgbidsha.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00166136 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgbdiska.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00163512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgStm.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00127584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgMonFlt.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00101624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgRdr2.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00076688 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgRvrt.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00050848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgbuniva.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00039288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgHwid.sys 2017-03-12 22:57 - 2017-03-12 22:57 - 00000348 ____H C:\Windows\Tasks\Antivirus Emergency Update.job 2017-03-12 22:55 - 2017-03-12 22:55 - 00000955 _____ C:\Users\Public\Desktop\AVG.lnk 2017-03-12 22:53 - 2017-03-12 22:55 - 00000000 ____D C:\Program Files (x86)\AVG 2017-03-12 22:53 - 2017-03-12 22:53 - 00000392 ____H C:\Windows\Tasks\AVG EUpdate Task.job 2017-03-12 22:52 - 2017-03-13 16:17 - 00000000 ____D C:\ProgramData\Avg 2017-03-12 22:52 - 2017-03-12 22:55 - 00000000 ____D C:\Users\ja\AppData\Local\AvgSetupLog 2017-03-12 22:52 - 2017-03-12 22:52 - 03449296 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ja\Desktop\Antivirus_Free_1892.exe 2017-03-12 22:52 - 2017-03-12 22:52 - 00000000 ____D C:\Users\ja\AppData\Local\Avg 2017-03-12 22:38 - 2017-03-12 22:38 - 02198504 _____ C:\Users\ja\Desktop\arcasosetup.exe 2017-03-12 22:38 - 2017-03-12 22:38 - 00001025 _____ C:\Users\ja\Desktop\Arcabit Skaner Online.lnk 2017-03-12 22:38 - 2017-03-12 22:38 - 00000000 ____D C:\ProgramData\Arcabit 2017-03-12 22:38 - 2017-03-12 22:38 - 00000000 ____D C:\Program Files\ArcabitSkanerOnline 2017-03-12 22:32 - 2017-03-12 22:32 - 00001478 _____ C:\Users\ja\Desktop\Zainstaluj Kaspersky Security Scan wersja 16.0.0.1344.lnk 2017-03-12 22:29 - 2017-03-12 22:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2017-03-12 22:22 - 2017-03-12 22:20 - 02671128 _____ (Kaspersky Lab) C:\Users\ja\Desktop\kss16.0.0.1344en_ru_de_fr_es_it_zh-hans_pl_tr_nl_cs_ko_id_pt_ar_vi_hi_zh-hant_fa_10519.exe 2017-03-12 22:22 - 2017-03-12 22:19 - 120046504 _____ (Arcabit Ltd.) C:\Users\ja\Desktop\arcabitsetup2.exe 2017-03-12 22:09 - 2017-03-14 13:15 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job 2017-03-12 16:58 - 2017-03-12 16:58 - 00000000 ____D C:\Users\ja\AppData\Roaming\.mplauncher 2017-03-12 16:57 - 2017-03-12 16:57 - 00106672 _____ (MP Launcher) C:\Users\ja\Desktop\MP Launcher.exe 2017-03-12 15:46 - 2017-03-12 15:46 - 00003994 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-03-07 15:03 - 2017-03-07 15:03 - 00282921 _____ C:\Users\ja\Downloads\Sprawozdanie-makromolekuły-16-17.pdf 2017-03-06 17:02 - 2017-03-06 17:02 - 00000000 ____D C:\Users\ja\AppData\Local\Gaijin 2017-03-06 17:02 - 2017-03-06 17:02 - 00000000 ____D C:\ProgramData\Gaijin 2017-03-06 17:01 - 2017-03-06 17:01 - 00000641 _____ C:\Users\Public\Desktop\WarThunder.lnk 2017-03-05 23:39 - 2017-03-05 23:39 - 00352499 _____ C:\Users\ja\Downloads\CIII-CV-Ir_WF-BIOFIZYKA.pdf 2017-03-01 23:42 - 2017-03-02 17:55 - 00009470 _____ C:\Users\ja\Desktop\indeksy na fizjo.xlsx 2017-02-26 17:41 - 2017-02-26 17:42 - 00000000 ____D C:\Users\ja\Desktop\analiza anionów 2017-02-21 19:58 - 2017-02-21 19:58 - 00030478 _____ C:\Users\ja\Downloads\17.02 PLAN_LATO 16-17 IR.F..xlsx 2017-02-20 21:53 - 2016-12-29 14:06 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2017-02-20 21:53 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2017-02-20 19:04 - 2017-02-20 19:04 - 00000000 ____D C:\Users\ja\Desktop\biosyf 2017-02-20 18:24 - 2017-02-20 18:38 - 00000000 ____D C:\Users\ja\Desktop\sklejanie 2017-02-19 17:57 - 2017-02-19 17:57 - 00000887 _____ C:\Users\ja\AppData\Local\recently-used.xbel ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-03-14 18:28 - 2016-07-16 07:04 - 00786432 _____ C:\Windows\System32\config\BBI 2017-03-14 18:09 - 2016-08-03 08:58 - 00000000 ____D C:\Windows\System32\SleepStudy 2017-03-14 13:34 - 2016-08-03 09:00 - 00000000 ____D C:\users\ja 2017-03-14 13:24 - 2009-07-14 03:34 - 00000219 _____ C:\Windows\system.ini 2017-03-14 13:23 - 2015-04-03 14:12 - 00000000 ____D C:\AdwCleaner 2017-03-14 13:21 - 2015-12-23 10:49 - 00000000 ____D C:\Users\ja\AppData\Local\CrashDumps 2017-03-14 13:18 - 2016-08-03 09:00 - 05830026 _____ C:\Windows\System32\PerfStringBackup.INI 2017-03-14 13:18 - 2016-07-16 23:05 - 02651252 _____ C:\Windows\System32\perfh015.dat 2017-03-14 13:18 - 2016-07-16 23:05 - 00767078 _____ C:\Windows\System32\perfc015.dat 2017-03-14 13:15 - 2016-11-15 21:12 - 00000000 ____D C:\Users\ja\AppData\LocalLow\Mozilla 2017-03-14 13:13 - 2016-08-03 09:06 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-14 13:13 - 2016-08-03 08:59 - 00000000 ____D C:\ProgramData\NVIDIA 2017-03-14 13:13 - 2016-05-02 07:52 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware 2017-03-14 12:53 - 2017-01-10 16:36 - 00000000 ____D C:\ProgramData\Foxit Software 2017-03-13 17:42 - 2015-04-03 14:20 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-03-13 16:59 - 2016-07-09 19:02 - 00000000 ____D C:\Users\ja\AppData\Local\LogMeIn Hamachi 2017-03-13 16:08 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness 2017-03-13 15:56 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\registration 2017-03-12 22:59 - 2016-05-10 12:52 - 00000000 ____D C:\Users\ja\AppData\Roaming\Curse Client 2017-03-12 22:59 - 2014-07-12 21:04 - 00000000 ___RD C:\Users\ja\Dysk Google 2017-03-12 22:58 - 2013-12-10 17:22 - 00000000 ____D C:\ProgramData\AVAST Software 2017-03-12 22:55 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF 2017-03-12 21:47 - 2013-12-06 22:58 - 00000000 ____D C:\Temp 2017-03-12 21:46 - 2016-08-03 09:06 - 00004074 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1464510391 2017-03-12 16:58 - 2013-12-06 22:50 - 00000000 ____D C:\Users\ja\AppData\Local\VirtualStore 2017-03-12 15:53 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-12 15:46 - 2013-12-10 17:35 - 00547904 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsp.sys.148933002276504 2017-03-09 19:22 - 2016-08-03 09:03 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi 2017-03-09 19:22 - 2016-08-03 09:03 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi 2017-03-08 22:38 - 2016-09-30 18:00 - 00000000 ____D C:\Users\ja\Desktop\gotowe 2017-03-02 16:51 - 2016-08-04 12:15 - 00003996 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1470309303 2017-03-02 16:51 - 2016-08-04 12:00 - 00000000 ____D C:\Program Files (x86)\Opera 2017-02-23 22:25 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp 2017-02-23 22:25 - 2013-12-09 19:56 - 00000000 ____D C:\Windows\System32\MRT 2017-02-23 22:23 - 2013-12-09 19:56 - 138020592 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2017-02-22 22:50 - 2013-12-06 22:17 - 00000000 ____D C:\ProgramData\Skype 2017-02-22 18:51 - 2016-12-11 14:37 - 00003268 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-02-20 21:54 - 2016-08-03 08:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-02-20 21:53 - 2016-08-03 08:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-02-20 21:53 - 2016-08-03 08:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-02-20 21:53 - 2016-03-10 23:04 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-02-19 17:58 - 2014-02-17 00:25 - 00000000 ____D C:\Users\ja\.gimp-2.8 Niektóre pliki w TEMP: ==================== 2016-11-02 11:49 - 2016-11-02 11:49 - 0737856 _____ (Oracle Corporation) C:\Users\ja\AppData\Local\Temp\jre-8u111-windows-au.exe 2016-03-10 23:04 - 2016-03-08 07:05 - 0721952 _____ (NVIDIA Corporation) C:\Users\ja\AppData\Local\Temp\nvSCPAPI.dll 2016-03-10 23:04 - 2016-03-08 07:05 - 0842272 _____ (NVIDIA Corporation) C:\Users\ja\AppData\Local\Temp\nvSCPAPI64.dll 2016-09-05 23:28 - 2016-03-08 07:05 - 0324032 _____ (NVIDIA Corporation) C:\Users\ja\AppData\Local\Temp\nvStInst.exe 2016-09-28 12:24 - 2016-09-28 12:24 - 61872528 _____ (TIDAL Music AS) C:\Users\ja\AppData\Local\Temp\TIDALSetup.exe 2016-10-26 10:57 - 2006-05-24 18:10 - 0455600 ____R (Macrovision Corporation) C:\Users\ja\AppData\Local\Temp\_is7044.exe ==================== Known DLLs (filtrowane) ========================= ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\System32\winlogon.exe [2017-01-10 21:23] - [2016-12-14 05:24] - 0673792 ____A (Microsoft Corporation) 917F081E2AB667C44F7D96DE1D16DFAE C:\Windows\System32\wininit.exe [2016-07-16 12:42] - [2016-07-16 12:42] - 0304240 ____A (Microsoft Corporation) 99A19C9A74E2F9820E501DCE77F84F70 C:\Windows\explorer.exe [2016-12-11 14:55] - [2016-11-11 10:56] - 4673304 ____A (Microsoft Corporation) 4E10FB1A015B49AC68F76C1A3F4D9C0F C:\Windows\SysWOW64\explorer.exe [2016-12-11 14:55] - [2016-11-11 08:41] - 4311736 ____A (Microsoft Corporation) AF46710DDB8B0E304AA4FD2B940CABD8 C:\Windows\System32\svchost.exe [2016-07-16 12:42] - [2016-07-16 12:42] - 0044496 ____A (Microsoft Corporation) 36F670D89040709013F6A460176767EC C:\Windows\SysWOW64\svchost.exe [2016-07-16 12:42] - [2016-07-16 12:42] - 0038792 ____A (Microsoft Corporation) 1F8434DD4907C832E6E90D6298EAB85B C:\Windows\System32\services.exe [2016-12-11 14:56] - [2016-11-11 10:51] - 0454592 ____A (Microsoft Corporation) 3C69CC28665854F1AAB4B4005005FA31 C:\Windows\System32\User32.dll [2016-12-15 16:40] - [2016-12-09 11:10] - 1461200 ____A (Microsoft Corporation) C46EA86BF0E7C96235E9064CBAD6ED26 C:\Windows\SysWOW64\User32.dll [2016-12-15 16:40] - [2016-12-09 10:52] - 1435896 ____A (Microsoft Corporation) 4BEC594A3D4AEAFAC400D88F7E328C7B C:\Windows\System32\userinit.exe [2016-07-16 12:42] - [2016-07-16 12:42] - 0033280 ____A (Microsoft Corporation) C1B1FFC800BE2F31EB2CF8CB40629C69 C:\Windows\SysWOW64\userinit.exe [2016-07-16 12:42] - [2016-07-16 12:42] - 0027648 ____A (Microsoft Corporation) FA900E6CCCF0A429D5B720C6F0E2274B C:\Windows\System32\rpcss.dll [2016-07-16 12:42] - [2016-07-16 12:42] - 0888320 ____A (Microsoft Corporation) 7BD259FC59CF9C2AE1B979564B374CC6 C:\Windows\System32\dnsapi.dll [2016-09-29 19:36] - [2016-09-15 18:30] - 0646136 ____A (Microsoft Corporation) 96B8A433F6407DE34850927C96C6CE9B C:\Windows\SysWOW64\dnsapi.dll [2016-09-29 19:36] - [2016-09-15 18:37] - 0496872 ____A (Microsoft Corporation) 227CFE3EDA82029AAC1C088A16297CD7 C:\Windows\System32\Drivers\volsnap.sys [2016-07-16 12:42] - [2016-07-16 12:42] - 0391520 ____A (Microsoft Corporation) BF2546583BB75F01DDA60A7921DFB230 ==================== Powiązania plików (filtrowane) ============= ==================== Punkty Przywracania systemu ========================= Data punktu przywracania: 2017-02-23 22:22 Data punktu przywracania: 2017-03-05 23:34 Data punktu przywracania: 2017-03-14 14:23 ==================== Statystyki pamięci =========================== Procent pamięci w użyciu: 10% Całkowita pamięć fizyczna: 8136.59 MB Dostępna pamięć fizyczna: 7269.57 MB Całkowita pamięć wirtualna: 8136.59 MB Dostępna pamięć wirtualna: 7315.16 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:238.37 GB) (Free:54.83 GB) NTFS Drive d: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive e: (ADATA UFD) (Removable) (Total:14.44 GB) (Free:14.43 GB) FAT32 Drive f: (Zapasowy) (Fixed) (Total:127.96 GB) (Free:127.66 GB) NTFS Drive g: (Nowy) (Fixed) (Total:302.73 GB) (Free:72.26 GB) NTFS Drive h: (Nowy) (Fixed) (Total:175.62 GB) (Free:0.7 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS Drive y: (Nowy) (Fixed) (Total:325.2 GB) (Free:259.97 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F73BAA95) Partition 1: (Not Active) - (Size=325.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=302.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=175.6 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=128 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 9A5A4989) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 14.5 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0C) LastRegBack: 2017-03-05 23:33 ==================== Koniec FRST.txt ============================