Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 27-04-2017
Uruchomiony przez ☺Patryk☻ (administrator) KOMPUTER (02-05-2017 06:17:04)
Uruchomiony z F:\Do poprawy działania systemu\Program do logów
Załadowane profile: ☺Patryk☻ (Dostępne profile: ☺Patryk☻ & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(CHENGDU YIWO Tech Development Co., Ltd) F:\Program do kopii zapasowej\Todo Backup\bin\Agent.exe
() C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\ETGMSrv.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) F:\Do pobierania z FB\Freemake\CaptureLib\CaptureLibService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() S:\Orange\Orange Connection\Orange Connection.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
() C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\MMon2.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Nero AG) F:\HTC SYNC\HSMServiceEntry.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
() F:\Program do kopii zapasowej\Todo Backup\bin\TodoBackupService.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSISvc64.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI M-Cloud\MSI_Cloud_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSISvc32.exe
() F:\HTC SYNC\HTC Sync\adb.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Micro-Star INT'L CO., LTD.) F:\Live update\Live Update\MSI_LiveUpdate_Service.exe
(MSI) S:\Super Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\ProgramData\Orange Connection\OnlineUpdate\ouc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) S:\sterowniki\IAStorIcon.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [NahimicMSIUILauncher] => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [532448 2015-08-07] ()
HKLM\...\Run: [IAStorIcon] => S:\sterowniki\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-01-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [MsiDS100gmmouseRun] => C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\mmon2.exe [3698176 2014-03-10] ()
HKU\S-1-5-21-1504953873-1658884247-1285567206-1000\...\Run: [Mobile Partner] => S:\Orange\Orange Connection\Orange Connection.exe [515072 2017-04-28] ()
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\˘Patryk˘\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\˘Patryk˘\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\˘Patryk˘\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\˘Patryk˘\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\˘Patryk˘\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\˘Patryk˘\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\..\Interfaces\{25557395-90F7-49D1-A00F-477A829A63F5}: [NameServer] 194.204.159.1 194.204.152.34
Tcpip\..\Interfaces\{50CB3C29-B66A-4307-A8E5-987AF931641B}: [NameServer] 194.204.159.1 194.204.152.34
Tcpip\..\Interfaces\{58C02CBF-BCBF-46B9-8DBB-68AE04343296}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C1FF8DE9-D12D-4CC3-8407-904BBAF68B41}: [NameServer] 194.204.159.1 194.204.152.34
Tcpip\..\Interfaces\{DE2745D8-4942-404A-B858-6C09DD472BA0}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-05-02] <==== UWAGA
CHR Extension: (Adobe Acrobat) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-02]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-02]
CHR Profile: C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default [2017-05-02]
CHR Extension: (Prezentacje Google) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-02]
CHR Extension: (Dokumenty Google) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-02]
CHR Extension: (Arkusze Google) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-02]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-02]
CHR Extension: (Gmail) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-03]
CHR Profile: C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\System Profile [2017-05-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [256568 2016-06-10] (Connectify)
R2 EaseUS Agent; F:\Program do kopii zapasowej\Todo Backup\bin\Agent.exe [36904 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2771848 2016-11-16] (ESET)
R2 ETGMGlcsSrv; C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\ETGMSrv.exe [1181544 2012-04-24] ()
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-05-11] (Freemake) [Brak podpisu cyfrowego]
R2 FreemakeVideoCapture; F:\Do pobierania z FB\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-05-11] (Ellora Assets Corp.) [Brak podpisu cyfrowego]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
S3 GalaxyClientService; F:\GOG\GalaxyClient\GalaxyClientService.exe [284736 2017-02-01] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-12-02] (GOG.com)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [45008 2016-08-25] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-05-16] (Micro-Star INT'L CO., LTD.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2718840 2016-10-13] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe [103168 2016-10-13] ()
R2 HTCMonitorService; f:\HTC SYNC\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
S4 IAStorDataMgrSvc; S:\sterowniki\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4173920 2016-06-02] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2200872 2016-02-01] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4160976 2016-04-18] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2014160 2016-03-04] (MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2328160 2016-07-01] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-06-02] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [598112 2016-06-02] (MSI)
R2 MSI_Cloud_Service; C:\Program Files (x86)\MSI\MSI M-Cloud\MSI_Cloud_Service.exe [97232 2015-06-30] (Micro-Star Int'l Co., Ltd.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
R2 MSI_LiveUpdate_Service; F:\Live update\Live Update\MSI_LiveUpdate_Service.exe [2286032 2017-01-23] (Micro-Star INT'L CO., LTD.)
S2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe [69072 2015-07-09] (Micro-Star Int'l Co., Ltd.)
R2 MSI_SuperCharger; S:\Super Charger\ChargeService.exe [164304 2017-01-05] (MSI)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S2 Orange Connection. RunOuc; S:\Orange\Orange Connection\UpdateDog\ouc.exe [651856 2013-10-26] ()
S3 Origin Client Service; F:\Orgin\Origin\OriginClientService.exe [2124296 2017-04-15] (Electronic Arts)
S2 Origin Web Helper Service; F:\Orgin\Origin\OriginWebHelperService.exe [2185232 2017-04-15] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Brak podpisu cyfrowego]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [19216 2015-07-07] (Intel(R) Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AFTrafMgr1.1; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_1_64.sys [54712 2016-10-04] (AnchorFree Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [19568 2015-11-10] () [Brak podpisu cyfrowego]
S3 ampa; C:\Windows\SysWOW64\ampa.sys [19568 2015-11-10] () [Brak podpisu cyfrowego]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [147528 2016-01-24] (Rivet Networks, LLC.)
R1 cfywlan1; C:\Windows\System32\DRIVERS\cfywlan1.sys [36736 2016-06-19] (Connectify)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [43872 2016-06-19] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2016-03-30] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [262792 2016-11-16] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197248 2016-11-16] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [181384 2016-11-16] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-03-22] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2015-12-10] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
R3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [380672 2014-09-30] (Huawei Technologies Co., Ltd.)
R3 I2cHkBurn; C:\Windows\System32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31728 2015-11-12] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
S3 KillerEth; C:\Windows\System32\DRIVERS\e24w7x64.sys [125488 2015-04-01] (Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-05-02] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-05-02] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-05-02] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-02] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82720 2017-05-02] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2016-09-22] (Intel Corporation)
R3 NTIOLib_1_0_3; S:\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2016-08-14] ()
R2 RAMDriv; C:\Windows\System32\DRIVERS\ramdriv.sys [81912 2012-12-27] (Micro-Star Int'l Co., Ltd.)
R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [81912 2012-12-27] (Micro-Star Int'l Co., Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-05-27] (Anchorfree Inc.)
R3 usbglcs1100302; C:\Windows\System32\drivers\usbglcs1100302.sys [25600 2012-04-24] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-05-02 06:14 - 2017-05-02 06:14 - 00001251 _____ C:\Users\Patryk\Desktop\MalwareBytes1.txt
2017-05-02 06:11 - 2017-05-02 06:11 - 00001645 _____ C:\Users\Patryk\Desktop\Malwarebytes.txt
2017-05-02 06:04 - 2017-05-02 06:10 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-02 06:04 - 2017-05-02 06:10 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-05-02 06:04 - 2017-05-02 06:10 - 00082720 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-05-02 06:04 - 2017-05-02 06:10 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-05-02 06:04 - 2017-05-02 06:04 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-05-02 06:04 - 2017-05-02 06:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-02 06:04 - 2017-03-22 11:02 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-05-02 06:03 - 2017-05-02 06:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-02 06:03 - 2017-05-02 06:03 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-02 05:57 - 2017-05-02 05:58 - 00566128 _____ (Malwarebytes) C:\Users\Patryk\Downloads\mbam-clean-2.3.0.1001.exe
2017-05-02 05:47 - 2017-05-02 05:47 - 00001661 _____ C:\Users\Patryk\Desktop\AdwCleaner[S2].txt
2017-05-02 05:41 - 2017-05-02 05:41 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-05-02 05:24 - 2017-05-02 05:24 - 00009120 _____ C:\Users\Patryk\Downloads\session_buddy_backup_2017_05_02_05_24_53.json
2017-04-30 11:48 - 2017-04-30 12:08 - 132991806 _____ C:\Users\Patryk\Downloads\DBPolskaSubs - DBS88 HD.mp4
2017-04-30 10:01 - 2017-04-29 16:47 - 806070995 _____ C:\Users\Patryk\Downloads\Resident.Evil.The.Final.Chapter.2016.PL.BDRip.x264-KiT.mkv
2017-04-30 00:30 - 2017-04-30 01:47 - 733341696 _____ C:\Users\Patryk\Downloads\Guardians..2016..PLSUBBED.BRRip.Xvid.KLiO.avi
2017-04-29 06:10 - 2017-04-29 06:10 - 00847624 _____ C:\Windows\Minidump\042917-8174-01.dmp
2017-04-29 00:44 - 2017-04-29 01:46 - 733767680 _____ C:\Users\Patryk\Downloads\Rings.2017.PL.BDRip.XviD-KiT.avi
2017-04-28 19:59 - 2017-05-02 06:17 - 00000000 ____D C:\FRST
2017-04-28 19:30 - 2017-04-28 19:30 - 00000720 _____ C:\Users\Public\Desktop\Orange Connection.lnk
2017-04-28 19:30 - 2017-04-28 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange Connection
2017-04-28 19:30 - 2014-09-30 13:21 - 00380672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys
2017-04-28 19:30 - 2014-09-11 12:06 - 00457728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2017-04-28 19:30 - 2014-08-21 10:10 - 00248320 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2017-04-28 19:30 - 2014-07-25 13:38 - 00125952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys
2017-04-28 19:30 - 2013-11-30 13:40 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2017-04-28 19:30 - 2013-11-30 13:40 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2017-04-28 19:30 - 2013-11-30 13:40 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2017-04-28 19:30 - 2013-11-30 13:40 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2017-04-28 19:30 - 2013-11-30 13:25 - 00226176 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2017-04-28 19:30 - 2013-01-25 05:46 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2017-04-28 19:30 - 2012-12-22 06:16 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2017-04-28 19:30 - 2010-10-08 13:29 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2017-04-28 19:30 - 2010-09-26 14:39 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2017-04-28 19:24 - 2017-05-02 05:49 - 00000706 _____ C:\Users\Patryk\Desktop\JRT.txt
2017-04-28 19:18 - 2017-04-28 19:18 - 00031815 _____ C:\ComboFix.txt
2017-04-28 18:52 - 2017-04-28 18:52 - 00201157 _____ C:\Users\Patryk\Desktop\Instrukcja uzycia programu ComboFix.html
2017-04-28 18:52 - 2017-04-28 18:52 - 00000000 ____D C:\Users\Patryk\Desktop\Instrukcja uzycia programu ComboFix_files
2017-04-28 17:55 - 2017-04-28 17:55 - 00000000 ____D C:\Users\Patryk\AppData\Roaming\Google
2017-04-28 17:49 - 2017-05-02 05:46 - 00000000 ____D C:\AdwCleaner
2017-04-24 02:05 - 2017-04-24 02:42 - 733462528 _____ C:\Users\Patryk\Downloads\Lo.chiamavano.Jeeg.Robot.2015.PL.BDRip.XviD.KiT (1).avi
2017-04-24 01:26 - 2017-04-24 05:03 - 1789220128 _____ C:\Users\Patryk\Downloads\Raj.dla.par.2009.PL.BRRip.480p.XviD.AC3-LTN (1).avi
2017-04-23 20:40 - 2017-04-23 20:47 - 133159370 _____ C:\Users\Patryk\Downloads\DBPolskaSubs - DBS87 HD.mp4
2017-04-22 01:31 - 2017-04-22 04:34 - 1466925056 _____ C:\Users\Patryk\Downloads\Se7en.1995.PL.AC3.DVDRip.XviD-GR4PE.avi
2017-04-22 01:31 - 2017-04-22 04:15 - 1471190442 _____ C:\Users\Patryk\Downloads\Knight.And.Day.2010.PL.AC3.DVDRip.XviD-GR4PE.avi
2017-04-22 01:31 - 2017-04-22 02:44 - 733818880 _____ C:\Users\Patryk\Downloads\Ciemniejsza_Strona_Greya__2017___Napisy_PL__WEB-DL.XviD-KLiO.avi
2017-04-21 18:55 - 2017-04-21 18:55 - 00065068 _____ C:\Users\Patryk\Downloads\cw_2017_04_12035 (1).pdf
2017-04-17 19:19 - 2017-04-17 19:21 - 00000000 ____D C:\Users\Patryk\AppData\Local\Microsoft Games
2017-04-17 18:30 - 2017-04-17 06:30 - 798476288 _____ C:\Users\Patryk\Downloads\Frank.And.Lola.2016.PL.BDRiP.XViD-K12.avi
2017-04-17 00:16 - 2017-04-17 02:01 - 734091470 _____ C:\Users\Patryk\Downloads\Split.2016.PL.SUBBED.BRRip.XViD-MORS.avi
2017-04-16 13:37 - 2017-04-15 09:47 - 733956412 _____ C:\Users\Patryk\Downloads\Boyka Undisputed IV (2016) PL.SUBBED.WEBRIp.XViD-MORSS.avi
2017-04-16 13:02 - 2017-04-16 13:10 - 133354470 _____ C:\Users\Patryk\Downloads\DBPolskaSubs - DBS86 HD.mp4
2017-04-15 04:39 - 2017-04-15 04:39 - 00065068 _____ C:\Users\Patryk\Downloads\cw_2017_04_12035.pdf
2017-04-09 22:33 - 2017-04-09 22:33 - 00799896 _____ C:\Users\Patryk\Downloads\giphy (45).mp4
2017-04-09 19:15 - 2017-04-09 19:16 - 04245885 _____ C:\Users\Patryk\Downloads\giphy (44).mp4
2017-04-09 19:10 - 2017-04-09 19:10 - 00068569 _____ C:\Users\Patryk\Downloads\giphy (43).mp4
2017-04-09 14:44 - 2017-04-09 14:52 - 133124908 _____ C:\Users\Patryk\Downloads\DBPolskaSubs - DBS85 HD.mp4
2017-04-03 00:31 - 2017-04-03 00:31 - 01232569 _____ C:\Users\Patryk\Downloads\giphy (42).mp4
2017-04-02 20:04 - 2017-04-02 20:12 - 133313763 _____ C:\Users\Patryk\Downloads\DBPolskaSubs - DBS84 HD.mp4

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-05-02 06:16 - 2011-04-12 15:21 - 00765932 _____ C:\Windows\system32\perfh015.dat
2017-05-02 06:16 - 2011-04-12 15:21 - 00164612 _____ C:\Windows\system32\perfc015.dat
2017-05-02 06:16 - 2009-07-14 07:13 - 01732428 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-02 06:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-05-02 06:10 - 2016-08-15 04:45 - 00002988 _____ C:\Windows\System32\Tasks\MSIAfterburner
2017-05-02 06:10 - 2016-04-03 00:34 - 00000000 ____D C:\Users\Patryk\AppData\Local\CrashDumps
2017-05-02 06:09 - 2016-05-23 00:16 - 00000000 ____D C:\Users\Patryk\AppData\Local\HTC MediaHub
2017-05-02 06:09 - 2016-03-30 23:12 - 00000000 ____D C:\Users\Patryk\Documents\Assassin's Creed Unity
2017-05-02 06:09 - 2016-03-26 22:28 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-02 06:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-02 06:08 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-02 06:08 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-02 06:07 - 2016-07-03 07:40 - 00002383 _____ C:\Users\Patryk\Desktop\Patryk - Chrome.lnk
2017-05-02 06:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2017-05-02 05:39 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-05-02 05:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-05-02 05:11 - 2016-03-26 19:50 - 00000000 ____D C:\Users\Patryk
2017-05-02 05:10 - 2017-02-28 23:57 - 00000000 ____D C:\Users\Administrator
2017-05-02 05:10 - 2017-01-26 01:16 - 00000000 ____D C:\Users\Patryk\AppData\Roaming\TS3Client
2017-05-02 05:10 - 2016-05-23 00:49 - 00000000 ____D C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome
2017-05-02 05:10 - 2016-03-30 22:21 - 00000000 ____D C:\Users\Patryk\AppData\Roaming\AIMP3
2017-05-02 05:10 - 2016-03-27 01:33 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-05-02 05:10 - 2011-04-12 15:32 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-05-02 05:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2017-04-30 11:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\ModemLogs
2017-04-29 06:10 - 2016-03-31 00:40 - 00000000 ____D C:\Windows\Minidump
2017-04-28 21:25 - 2016-03-26 21:36 - 00003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 21:25 - 2016-03-26 21:36 - 00003352 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-28 19:31 - 2016-03-26 20:30 - 00000000 ____D C:\ProgramData\DatacardService
2017-04-28 19:18 - 2016-08-09 17:00 - 00000000 ____D C:\Qoobox
2017-04-28 19:17 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2017-04-28 17:51 - 2016-03-28 09:55 - 00000000 ____D C:\ProgramData\YouTube Downloader
2017-04-28 16:31 - 2016-03-26 21:39 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-28 16:31 - 2016-03-26 21:39 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-23 19:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-04-16 04:10 - 2016-03-31 01:47 - 00000000 ____D C:\Users\Patryk\AppData\Local\Ubisoft Game Launcher
2017-04-15 04:47 - 2016-08-28 02:41 - 00000000 ____D C:\Users\Patryk\AppData\Roaming\Origin
2017-04-15 04:47 - 2016-08-28 02:35 - 00000000 ____D C:\ProgramData\Origin
2017-04-14 19:29 - 2016-05-07 04:32 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-14 19:29 - 2016-05-07 04:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Pliki w katalogu głównym wybranych folderów =======

2016-04-10 18:06 - 2016-04-10 19:52 - 0003584 _____ () C:\Users\Patryk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-05 22:12 - 2016-08-09 16:44 - 0007597 _____ () C:\Users\Patryk\AppData\Local\Resmon.ResmonCfg
2016-03-26 22:36 - 2016-03-26 22:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-17 04:48 - 2017-02-15 01:33 - 0004984 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-17 04:48 - 2017-02-14 18:08 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

UWAGA: ==> Nie można uzyskać dostępu do BCD.

LastRegBack: 2017-04-23 17:41

==================== Koniec FRST.txt ============================