Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:30-11-2015 Uruchomiony przez Krzysiek (administrator) KRZYSZTOF (30-11-2015 23:49:38) Uruchomiony z C:\Users\Krzysiek\Downloads Załadowane profile: Krzysiek (Dostępne profile: Krzysiek & Administrator) Platform: Windows 8 (X64) Język: Polski (Polska) Internet Explorer Wersja 10 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (GG Network S.A.) C:\Users\Krzysiek\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) C:\Users\Krzysiek\AppData\Local\GG\Application\ggapp.exe (GG Network S.A.) C:\Users\Krzysiek\AppData\Local\GG\Application\ggdrive\ggdrive.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2014-11-16] (Synaptics Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-19] (AVAST Software) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKU\S-1-5-21-1657043038-3288557173-2309702434-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation) HKU\S-1-5-21-1657043038-3288557173-2309702434-1002\...\Run: [GameXN GO] => "C:\ProgramData\GameXN\GameXNGO.exe" /startup HKU\S-1-5-21-1657043038-3288557173-2309702434-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Krzysiek\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Krzysiek\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Krzysiek\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-19] (AVAST Software) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Krzysiek\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Krzysiek\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Krzysiek\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{0C99620C-C401-4D54-BB19-A6EA5145E1C9}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{EB6FDCBF-090C-4393-B887-70B0845CED21}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== SearchScopes: HKLM -> {90EC94BD-C139-4B72-ADD0-FBFC3876C3A7} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {90EC94BD-C139-4B72-ADD0-FBFC3876C3A7} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-1657043038-3288557173-2309702434-1002 -> {90EC94BD-C139-4B72-ADD0-FBFC3876C3A7} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-19] (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-19] (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-18] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Brak podpisu cyfrowego] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-19] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109520 2015-11-19] (AVAST Software) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [Brak podpisu cyfrowego] U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [31104 2012-10-27] (Microsoft Corporation) U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [51200 2012-07-26] (Microsoft Corporation) U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [29952 2012-10-27] (Microsoft Corporation) R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Brak podpisu cyfrowego] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-17] (Electronic Arts) S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH) R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH) R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36520 2012-09-14] (Advanced Micro Devices, Inc.) S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.) S3 andnetndis; C:\Windows\system32\DRIVERS\lgandnetndis64.sys [93696 2015-01-21] (LG Electronics Inc.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-19] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-11-19] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-19] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [466400 2015-11-19] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-19] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-19] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-19] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-19] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-19] (AVAST Software) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices) U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc) S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-10-27] (Broadcom Corporation) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34216 2012-07-26] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258288 2012-07-26] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-30 23:48 - 2015-11-30 23:48 - 00005591 _____ C:\Users\Krzysiek\Desktop\Fixlog2.txt 2015-11-30 23:47 - 2015-11-30 23:47 - 00005591 _____ C:\Users\Krzysiek\Downloads\Fixlog.txt 2015-11-30 23:45 - 2015-11-30 23:45 - 00001369 _____ C:\Users\Krzysiek\Downloads\FRST64 — skrót.lnk 2015-11-29 21:00 - 2015-11-29 21:00 - 00000040 _____ C:\Users\Public\Documents\_rgpl 2015-11-28 22:16 - 2015-11-28 23:00 - 00000000 ____D C:\Users\Krzysiek\Desktop\nowe logi 2015-11-28 01:05 - 2015-11-30 23:47 - 00000000 ____D C:\Users\Krzysiek\Downloads\FRST-OlderVersion 2015-11-27 08:32 - 2015-11-27 08:32 - 01686953 _____ C:\Users\Krzysiek\Downloads\Wyklad_01_-_Podstawy_grafiki_inzynierskiej.rar 2015-11-27 00:00 - 2015-11-27 00:00 - 00380416 _____ C:\Users\Krzysiek\Downloads\tsggg7g3.exe 2015-11-26 23:50 - 2015-11-27 01:21 - 00000000 ____D C:\Users\Krzysiek\Desktop\logi 2015-11-26 23:49 - 2015-11-26 23:49 - 00167051 _____ C:\Users\Krzysiek\Downloads\Shortcut.txt 2015-11-26 23:46 - 2015-11-28 22:16 - 00039542 _____ C:\Users\Krzysiek\Downloads\Addition.txt 2015-11-26 23:44 - 2015-11-30 23:49 - 00019042 _____ C:\Users\Krzysiek\Downloads\FRST.txt 2015-11-26 23:42 - 2015-11-30 23:47 - 02350080 _____ (Farbar) C:\Users\Krzysiek\Downloads\FRST64.exe 2015-11-26 23:08 - 2015-11-26 23:08 - 00000000 ____D C:\Users\Krzysiek\Downloads\nextclass (2) (1) 2015-11-26 23:07 - 2015-11-26 23:07 - 05484928 _____ C:\Users\Krzysiek\Downloads\nextclass (2) (1).zip 2015-11-26 23:07 - 2015-11-26 23:07 - 01638599 _____ C:\Users\Krzysiek\Downloads\nextclass.zip 2015-11-26 23:07 - 2015-11-26 23:07 - 01638599 _____ C:\Users\Krzysiek\Downloads\nextclass (2).zip 2015-11-26 23:07 - 2015-11-26 23:07 - 00000000 ____D C:\Users\Krzysiek\Downloads\nextclass 2015-11-26 23:04 - 2015-11-26 23:04 - 00000000 ____D C:\Users\Krzysiek\Downloads\nextclass (1) (1) 2015-11-26 23:02 - 2015-11-26 23:02 - 03074618 _____ C:\Users\Krzysiek\Downloads\nextclass (1) (1).zip 2015-11-26 19:52 - 2015-11-26 19:52 - 06439870 _____ C:\Users\Krzysiek\Downloads\Matematyka-08.11.-zad..pdf 2015-11-23 10:58 - 2015-11-23 10:58 - 00012314 _____ C:\Users\Krzysiek\Downloads\Zamówienie 15097.pdf 2015-11-22 19:36 - 2015-11-22 19:36 - 03074618 _____ C:\Users\Krzysiek\Downloads\nextclass (1).zip 2015-11-21 21:28 - 2015-11-21 21:28 - 28584783 _____ C:\Users\Krzysiek\Downloads\Zachowania organizacyjne w nowoczesnym przedsiębiorstwie, Joanna Moczydłowska, Katowice 2006.pdf 2015-11-21 21:11 - 2015-11-21 21:12 - 02895407 _____ C:\Users\Krzysiek\Downloads\Zachowania_w_organizacji.pdf 2015-11-19 23:49 - 2015-11-28 01:07 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2015-11-19 23:49 - 2015-11-28 01:07 - 00001149 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2015-11-19 23:49 - 2015-11-19 23:49 - 00003092 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1447973338 2015-11-19 23:42 - 2015-11-19 23:42 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-11-19 23:42 - 2015-11-19 23:42 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-11-19 23:41 - 2015-11-19 23:41 - 00466400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2015-11-19 23:03 - 2015-11-19 23:03 - 00028848 _____ C:\Users\Krzysiek\Downloads\bz1rxl 2015-11-19 22:26 - 2015-11-19 22:26 - 00011200 _____ C:\Users\Krzysiek\Downloads\tweet_button.html 2015-11-17 15:43 - 2015-11-17 15:43 - 01190616 _____ (Adobe Systems Incorporated) C:\Users\Krzysiek\Downloads\flashplayer19pp_fa_install.exe 2015-11-15 20:12 - 2015-11-15 20:20 - 00717288 _____ (Opera Software) C:\Users\Krzysiek\Downloads\Opera_NI_stable (3).exe 2015-11-15 18:41 - 2015-11-15 18:41 - 00017420 _____ C:\Users\Krzysiek\Downloads\pobrany plik (5) 2015-11-15 18:38 - 2015-11-15 18:38 - 00009312 _____ C:\Users\Krzysiek\Downloads\1461422 2015-11-15 17:19 - 2015-11-15 18:19 - 00002734 _____ C:\Users\Krzysiek\Downloads\1962,Nabor-na-stanowisko-Specjalisty-w-Oddziale-Wielkopolski-PFRON.html 2015-11-15 17:18 - 2015-11-15 17:18 - 00015808 _____ C:\Users\Krzysiek\Downloads\business-result-podrecznik-do-angielskiego-CID751-IDcBsO3.html 2015-11-15 13:02 - 2015-11-15 13:02 - 00023602 _____ C:\Users\Krzysiek\Downloads\jesienna-wyprzedaz-ksiazek 2015-11-15 12:56 - 2015-11-15 12:56 - 00020817 _____ C:\Users\Krzysiek\Downloads\fknf82 2015-11-14 09:42 - 2015-11-14 09:51 - 00000000 ____D C:\Users\Krzysiek\Desktop\angielski 2015-11-13 00:44 - 2015-11-30 21:56 - 00003184 _____ C:\Windows\System32\Tasks\HPCeeScheduleForKrzysiek 2015-11-11 15:43 - 2015-11-11 15:43 - 05027344 _____ (Adobe Systems Inc.) C:\Users\Krzysiek\Downloads\Shockwave_Installer_Slim.exe 2015-11-11 15:16 - 2015-11-11 15:16 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk 2015-11-11 15:16 - 2015-11-11 15:16 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-11-11 15:16 - 2015-11-11 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-11-08 22:02 - 2015-11-08 22:02 - 00000061 _____ C:\Users\Krzysiek\Downloads\listen.pls 2015-11-08 20:56 - 2015-11-08 20:56 - 00001589 _____ C:\Users\Krzysiek\AppData\Local\recently-used.xbel 2015-11-07 00:17 - 2015-11-07 00:17 - 10800877 _____ C:\Users\Krzysiek\Downloads\Matma - pochodne i granice funkcji.pdf 2015-11-06 23:00 - 2015-11-06 23:00 - 00563510 _____ C:\Users\Krzysiek\Downloads\ulotka_cytryna_1.pdf 2015-11-06 22:56 - 2015-11-06 22:56 - 00895931 _____ C:\Users\Krzysiek\Downloads\ulotka_cytryna_2.pdf 2015-11-05 23:26 - 2015-11-05 23:27 - 00000000 ____D C:\Users\Krzysiek\Desktop\Falout pracka 2015-11-05 15:50 - 2015-11-05 15:50 - 00637929 _____ C:\Users\Krzysiek\Downloads\Plan-IZ.pdf 2015-11-02 22:26 - 2015-11-02 22:26 - 00420744 _____ C:\Users\Krzysiek\Downloads\BRIDGE_2_0_0_28.exe 2015-10-31 11:42 - 2015-10-31 11:42 - 00000000 ____D C:\Users\Krzysiek\Documents\Electronic Arts ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-30 23:47 - 2014-11-15 18:00 - 00000000 ____D C:\Users\Krzysiek\AppData\Roaming\Mozilla 2015-11-30 23:47 - 2014-11-15 18:00 - 00000000 ____D C:\Users\Krzysiek\AppData\Local\Mozilla 2015-11-30 23:47 - 2014-06-17 20:20 - 00000000 ____D C:\FRST 2015-11-30 23:42 - 2014-10-16 22:02 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-30 22:54 - 2014-10-16 06:17 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1657043038-3288557173-2309702434-1002 2015-11-30 22:49 - 2014-11-18 20:02 - 00000000 ____D C:\Users\Krzysiek\AppData\Roaming\GG 2015-11-30 21:57 - 2013-08-16 10:58 - 01143296 ___SH C:\Users\Krzysiek\Desktop\Thumbs.db 2015-11-30 21:56 - 2015-06-28 10:47 - 00000364 _____ C:\Windows\Tasks\HPCeeScheduleForKrzysiek.job 2015-11-30 21:56 - 2014-10-16 06:03 - 00000000 ____D C:\Users\Krzysiek 2015-11-30 21:52 - 2015-04-18 22:30 - 00000000 ____D C:\Program Files (x86)\Steam 2015-11-29 21:59 - 2015-01-23 23:15 - 00000000 ____D C:\Games 2015-11-29 16:45 - 2012-10-27 04:56 - 00827626 _____ C:\Windows\system32\perfh015.dat 2015-11-29 16:45 - 2012-10-27 04:56 - 00176034 _____ C:\Windows\system32\perfc015.dat 2015-11-29 16:45 - 2012-07-26 08:28 - 01936226 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-29 16:45 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\Inf 2015-11-29 16:40 - 2013-03-22 10:00 - 00000965 _____ C:\Windows\SysWOW64\bscs.ini 2015-11-29 16:40 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-29 16:38 - 2012-07-26 06:26 - 01048576 ___SH C:\Windows\system32\config\BBI 2015-11-28 22:15 - 2012-07-26 06:37 - 00000000 ____D C:\Windows 2015-11-28 22:11 - 2013-08-25 07:45 - 01137152 ___SH C:\Users\Krzysiek\Downloads\Thumbs.db 2015-11-28 01:08 - 2015-02-14 09:41 - 00000000 ____D C:\Users\Krzysiek\AppData\LocalLow\Temp 2015-11-28 01:07 - 2015-03-20 00:04 - 00002153 _____ C:\Users\Public\Desktop\ Star Wars Knights of the Old Republic II - The Sith Lords.lnk 2015-11-28 01:07 - 2015-03-20 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts 2015-11-28 01:07 - 2014-10-16 21:56 - 00000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-11-28 01:07 - 2014-10-16 21:56 - 00000986 _____ C:\Users\Public\Desktop\Opera.lnk 2015-11-28 01:07 - 2014-10-16 06:10 - 00001168 _____ C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-11-28 01:07 - 2014-02-16 15:03 - 00000000 ____D C:\Users\Krzysiek\Documents\Dawne CV 2015-11-28 01:07 - 2013-07-21 18:13 - 00000000 ____D C:\Users\Krzysiek\Documents\Moje dokumenty stare 2015-11-26 22:54 - 2015-06-12 23:08 - 00000000 ____D C:\Users\Krzysiek\AppData\Local\SecondLife 2015-11-26 22:29 - 2014-11-18 20:02 - 00000000 ____D C:\Users\Krzysiek\AppData\Local\GG 2015-11-26 00:05 - 2014-11-09 14:56 - 00000000 ____D C:\Users\Krzysiek\AppData\Local\CrashDumps 2015-11-26 00:04 - 2015-02-14 09:50 - 00000000 ____D C:\Program Files (x86)\PDF Architect 2 2015-11-25 23:16 - 2015-05-19 16:24 - 00000000 ____D C:\Users\Krzysiek\AppData\Local\vghd 2015-11-25 21:49 - 2014-10-25 20:19 - 00000000 ____D C:\Program Files (x86)\Origin Games 2015-11-25 21:49 - 2014-10-25 20:15 - 00000000 ____D C:\ProgramData\Electronic Arts 2015-11-23 23:43 - 2014-11-08 17:55 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-11-20 00:01 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp 2015-11-19 23:55 - 2014-10-16 21:56 - 00003864 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1413492979 2015-11-19 23:55 - 2014-10-16 21:56 - 00000000 ____D C:\Program Files (x86)\Opera 2015-11-19 23:42 - 2014-11-08 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-11-19 23:42 - 2014-11-08 17:54 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-11-19 23:42 - 2014-11-08 17:54 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-11-19 23:42 - 2014-11-08 17:54 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-11-19 23:42 - 2014-11-08 17:54 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-11-19 23:42 - 2014-11-08 17:54 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-11-19 23:42 - 2014-11-08 17:54 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-11-19 23:42 - 2014-11-08 17:54 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-11-19 23:42 - 2014-11-08 16:40 - 00000000 ____D C:\ProgramData\AVAST Software 2015-11-19 23:41 - 2015-05-08 11:27 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2015-11-19 23:41 - 2014-11-08 17:54 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2015-11-19 23:41 - 2014-11-08 17:53 - 00000000 ____D C:\Program Files\AVAST Software 2015-11-17 23:20 - 2014-10-25 20:15 - 00000000 ____D C:\ProgramData\Origin 2015-11-17 21:37 - 2014-10-25 20:15 - 00000000 ____D C:\Program Files (x86)\Origin 2015-11-17 15:48 - 2014-10-16 22:02 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-17 15:47 - 2014-10-16 22:01 - 00000000 ____D C:\Users\Krzysiek\AppData\Local\Adobe 2015-11-15 20:26 - 2014-12-21 17:08 - 00000000 ____D C:\Users\Krzysiek\AppData\Local\ElevatedDiagnostics 2015-11-15 20:19 - 2015-04-11 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAZ 3D 2015-11-15 20:19 - 2015-04-11 12:15 - 00000000 ____D C:\Program Files\DAZ 3D 2015-11-15 20:18 - 2015-04-11 12:16 - 00000000 ____D C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D 2015-11-14 14:46 - 2015-06-12 23:08 - 00001157 _____ C:\Users\Public\Desktop\Second Life Viewer.lnk 2015-11-14 14:45 - 2015-06-12 23:07 - 00000000 ____D C:\Program Files (x86)\SecondLifeViewer 2015-11-13 00:34 - 2014-12-10 20:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-11 15:47 - 2012-10-26 19:58 - 00000000 ____D C:\Windows\SysWOW64\Adobe 2015-11-11 15:23 - 2014-11-18 19:46 - 00000000 ____D C:\Users\Krzysiek\AppData\Roaming\Skype 2015-11-11 15:18 - 2015-05-20 10:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-11-11 15:18 - 2014-11-15 18:04 - 00001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2015-11-11 15:18 - 2014-11-15 18:04 - 00001201 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2015-11-11 15:17 - 2014-11-18 19:45 - 00000000 ____D C:\ProgramData\Skype 2015-11-11 15:14 - 2015-06-13 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-11-11 15:13 - 2015-09-23 16:49 - 00000000 ____D C:\Users\Krzysiek\.oracle_jre_usage 2015-11-11 15:11 - 2015-06-13 21:12 - 00000000 ____D C:\Program Files\Java 2015-11-08 21:59 - 2013-08-03 21:00 - 00000000 ____D C:\Users\Krzysiek\.gimp-2.8 2015-11-08 20:56 - 2014-11-02 23:00 - 00000000 ____D C:\Users\Krzysiek\AppData\Local\gtk-2.0 2015-11-04 16:53 - 2012-07-26 09:12 - 00000000 ___HD C:\Program Files\WindowsApps 2015-11-04 16:53 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent 2015-11-02 22:27 - 2015-06-30 16:50 - 00000000 ____D C:\Program Files (x86)\Ganymede ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-11-08 20:56 - 2015-11-08 20:56 - 0001589 _____ () C:\Users\Krzysiek\AppData\Local\recently-used.xbel 2013-01-16 01:25 - 2013-01-16 01:25 - 0000595 _____ () C:\ProgramData\CyberlinkOutput.txt 2015-10-18 21:57 - 2015-10-18 21:57 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2014-10-16 06:07 - 2014-10-16 06:07 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Niektóre pliki w TEMP: ==================== C:\Users\Krzysiek\AppData\Local\Temp\ezGameXN.dll C:\Users\Krzysiek\AppData\Local\Temp\GameXNGO.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-11-29 09:54 ==================== Koniec FRST.txt ============================