Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 12.02.2018 Uruchomiony przez AMDK (administrator) AMDK-KOMPUTER (16-02-2018 14:25:56) Uruchomiony z C:\Users\AMDK\Downloads Załadowane profile: AMDK & UpdatusUser (Dostępne profile: AMDK & UpdatusUser) Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 10 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) C:\Program Files\P4G\BatteryLife.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ACD Systems) C:\Program Files\ACD Systems\ACDSee Video Studio 2\acdIDInTouch2.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Malwarebytes) D:\Downloads\adwcleaner_7.0.8.0.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated) HKLM\...\Run: [VCVS02EN] => C:\Program Files\ACD Systems\ACDSee Video Studio 2\acdIDInTouch2.exe [2154952 2016-11-03] (ACD Systems) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [465544 2016-02-10] (Power Software Ltd) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3222448 2017-10-12] (Dominik Reichl) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\Policies\Explorer: [DisableThumbnails] 0 HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\Policies\Explorer: [TaskbarNoNotification] 1 HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\Policies\Explorer: [NoWindowsUpdate] 1 AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-05-11] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [193128 2011-05-11] (NVIDIA Corporation) InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\more.url -> URL: hxxp://adf.ly/pRzv6 ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{59CA6EBF-C75F-4D38-9389-4A6343148576}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1667539775-1210465141-673175957-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-9.0.4\bin\ssv.dll => Brak pliku BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-9.0.4\bin\jp2ssv.dll [2018-02-09] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations) FireFox: ======== FF DefaultProfile: bujbffyr.default-1518786441298 FF ProfilePath: C:\Users\AMDK\AppData\Roaming\Mozilla\Firefox\Profiles\bujbffyr.default-1518786441298 [2018-02-16] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-24] () FF Plugin: @java.com/DTPlugin,version=12.0.4.0 -> C:\Program Files\Java\jre-9.0.4\bin\dtplugin\npDeployJava1.dll [2018-02-09] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=12.0.4.0 -> C:\Program Files\Java\jre-9.0.4\bin\plugin2\npjp2.dll [2018-02-09] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-24] () FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems) ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [Brak podpisu cyfrowego] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [Brak podpisu cyfrowego] R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2771848 2017-10-20] (ESET) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.) S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation) S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.) S3 BFNVis64; C:\Windows\system32\drivers\XenoVa64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.) S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation) S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation) S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-09] (Intel Corp.) S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-11] (Intel Corp.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [262792 2017-10-20] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [199304 2017-10-20] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197248 2017-10-20] (ESET) R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [181384 2017-10-20] (ESET) S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc) S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic) S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.) S3 IAMTVE; C:\Windows\system32\drivers\IAMTVE.sys [43416 2007-04-11] (Intel Corporation) S3 IAMTXPE; C:\Windows\system32\drivers\IAMTXPE.sys [51096 2007-04-11] (Intel Corporation) S3 IFCoEMP; C:\Windows\system32\drivers\ifM60x64.sys [387344 2012-04-21] (Intel(R) Corporation) S3 IFCoEVB; C:\Windows\system32\drivers\ifP60X64.sys [77584 2012-04-21] (Intel(R) Corporation) S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation) S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation) S3 SISAGP; C:\Windows\system32\drivers\SISAGPX.sys [67104 2009-08-01] (Silicon Integrated Systems Corporation) S3 uagp35; C:\Windows\system32\drivers\sisagpx.sys [67104 2009-08-01] (Silicon Integrated Systems Corporation) S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.) R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [631200 2017-10-21] (IDRIX) S3 viaagp1; C:\Windows\system32\drivers\viaagp1.sys [59392 2005-09-23] (VIA Technologies, Inc.) S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.) S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-02-16 14:25 - 2018-02-16 14:26 - 000012476 _____ C:\Users\AMDK\Downloads\FRST.txt 2018-02-16 14:25 - 2018-02-16 14:25 - 000000000 ____D C:\FRST 2018-02-16 14:24 - 2018-02-16 14:24 - 002405376 _____ (Farbar) C:\Users\AMDK\Downloads\FRST64.exe 2018-02-16 14:08 - 2018-02-16 14:08 - 000000000 ___RD C:\Users\AMDK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2018-02-16 14:02 - 2018-02-16 14:20 - 000000000 ____D C:\AdwCleaner 2018-02-16 13:53 - 2018-02-16 13:53 - 000000131 _____ C:\Users\AMDK\Desktop\FIX.REG 2018-02-16 13:52 - 2018-02-16 13:52 - 000000000 _____ C:\Users\AMDK\Desktop\Nowy dokument tekstowy.txt 2018-02-12 22:14 - 2018-02-12 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2018-02-12 22:13 - 2018-02-12 22:14 - 000000000 ____D C:\Program Files (x86)\7-Zip 2018-02-09 18:27 - 2018-02-09 18:27 - 000000000 _____ C:\Users\AMDK\cd 2018-02-09 17:58 - 2018-02-09 17:58 - 000000000 ____D C:\Users\AMDK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools 2018-02-09 17:46 - 2018-02-09 17:46 - 000144448 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2018-02-09 17:46 - 2018-02-09 17:46 - 000000000 ____D C:\Users\AMDK\AppData\Roaming\Sun 2018-02-09 17:46 - 2018-02-09 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2018-02-09 17:45 - 2018-02-09 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2018-02-09 17:45 - 2018-02-09 17:45 - 000000000 ____D C:\Users\AMDK\AppData\LocalLow\Sun 2018-02-09 17:45 - 2018-02-09 17:45 - 000000000 ____D C:\Users\AMDK\AppData\LocalLow\Oracle 2018-02-09 17:45 - 2018-02-09 17:45 - 000000000 ____D C:\ProgramData\Oracle 2018-02-09 17:45 - 2018-02-09 17:45 - 000000000 ____D C:\Program Files\Java 2018-02-09 17:26 - 2018-02-09 18:14 - 000000000 ____D C:\Users\AMDK\.android 2018-02-09 17:26 - 2018-02-09 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio 2018-02-09 17:25 - 2018-02-09 17:25 - 000000000 ____D C:\Program Files\Android 2018-02-09 16:27 - 2018-02-09 18:24 - 000000000 ____D C:\SDK 2018-02-09 10:26 - 2018-02-09 10:26 - 000000000 ____D C:\Program Files (x86)\Lame For Audacity 2018-02-09 09:32 - 2018-02-09 09:32 - 000000000 ____D C:\Users\AMDK\Documents\ACDSee Video Studio 2 2018-02-09 09:32 - 2015-07-18 14:08 - 000984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2018-02-09 09:32 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2018-02-09 09:28 - 2018-02-09 09:28 - 000001177 _____ C:\Users\Public\Desktop\ACDSee Video Recorder 2.lnk 2018-02-09 09:28 - 2018-02-09 09:28 - 000001158 _____ C:\Users\Public\Desktop\ACDSee Video Studio 2.lnk 2018-02-09 09:28 - 2018-02-09 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems 2018-02-09 09:28 - 2018-02-09 09:28 - 000000000 ____D C:\Program Files\ACD Systems 2018-02-09 08:52 - 2018-02-16 14:08 - 000000342 _____ C:\Windows\Tasks\Connect.job 2018-02-09 08:52 - 2018-02-09 08:52 - 000002734 _____ C:\Windows\System32\Tasks\Connect 2018-02-09 08:52 - 2018-02-09 08:52 - 000000000 ____D C:\ProgramData\simplitec 2018-02-09 08:52 - 2018-02-09 08:52 - 000000000 ____D C:\ProgramData\Magix 2018-02-09 08:52 - 2018-02-09 08:52 - 000000000 ____D C:\Program Files (x86)\MAGIX 2018-02-09 08:49 - 2018-02-09 08:49 - 000000000 ____D C:\Users\AMDK\AppData\Roaming\Sony 2018-02-09 08:44 - 2018-02-09 08:44 - 000000000 ____D C:\Users\AMDK\Documents\MAGIX Downloads 2018-02-09 08:44 - 2018-02-09 08:44 - 000000000 ____D C:\Users\AMDK\AppData\Roaming\MAGIX 2018-01-27 15:27 - 2018-01-27 15:27 - 000000000 ____D C:\Users\AMDK\AppData\Roaming\NVIDIA 2018-01-27 15:27 - 2018-01-27 15:27 - 000000000 ____D C:\Users\AMDK\AppData\Roaming\LibreOffice 2018-01-27 15:26 - 2018-01-27 15:26 - 000001434 _____ C:\Users\Public\Desktop\LibreOffice 5.4.lnk 2018-01-27 15:26 - 2018-01-27 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4 2018-01-27 15:26 - 2018-01-27 15:26 - 000000000 ____D C:\Program Files\LibreOffice 5 ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-02-16 14:15 - 2010-11-21 13:53 - 000687828 _____ C:\Windows\system32\perfh015.dat 2018-02-16 14:15 - 2010-11-21 13:53 - 000131382 _____ C:\Windows\system32\perfc015.dat 2018-02-16 14:15 - 2009-07-14 06:13 - 001523412 _____ C:\Windows\system32\PerfStringBackup.INI 2018-02-16 14:15 - 2009-07-14 05:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-02-16 14:15 - 2009-07-14 05:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-02-16 14:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2018-02-16 14:08 - 2017-10-20 18:22 - 000000000 ____D C:\Users\AMDK\AppData\LocalLow\Mozilla 2018-02-16 14:08 - 2017-10-19 20:38 - 002990584 _____ C:\Windows\ntbtlog.txt 2018-02-16 14:08 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-02-16 13:57 - 2017-10-18 14:24 - 000000000 ____D C:\Users\AMDK 2018-02-13 21:23 - 2017-10-24 19:56 - 000008540 _____ C:\Users\AMDK\Desktop\muzyka.txt 2018-02-13 08:59 - 2017-10-20 18:22 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-02-13 08:59 - 2017-10-20 18:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-02-12 22:28 - 2017-10-21 08:47 - 000000000 ____D C:\Users\AMDK\AppData\Roaming\AIMP 2018-02-12 22:22 - 2017-10-20 19:52 - 000000000 ____D C:\Users\AMDK\AppData\Roaming\qBittorrent 2018-02-09 08:25 - 2017-10-21 09:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2018-01-28 19:06 - 2009-07-14 05:45 - 000339240 _____ C:\Windows\system32\FNTCACHE.DAT 2018-01-26 19:08 - 2017-10-18 14:48 - 000000000 ____D C:\Users\AMDK\Documents\Bluetooth Folder 2018-01-25 20:14 - 2017-12-19 19:42 - 000000000 ____D C:\Users\AMDK\Documents\Efficient Organizer AutoBackup 2018-01-25 20:03 - 2017-12-19 19:40 - 000000000 ____D C:\ProgramData\firebird ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-11-16 11:50 - 2017-11-16 11:50 - 000002241 _____ () C:\Users\AMDK\AppData\Local\recently-used.xbel 2017-10-18 14:33 - 2017-10-18 21:33 - 000007604 _____ () C:\Users\AMDK\AppData\Local\Resmon.ResmonCfg ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-02-07 13:06 ==================== Koniec FRST.txt ============================