Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17.01.2018 01
Uruchomiony przez Barti (administrator)  BARTI-KOMPUTER (19-01-2018 16:06:48)
Uruchomiony z C:\Users\Barti\Downloads
Załadowane profile: Barti (Dostępne profile: Barti)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Users\Barti\AppData\Local\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Mozilla Corporation) C:\Users\Barti\AppData\Local\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Mozilla Corporation) C:\Users\Barti\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Barti\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Barti\AppData\Local\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382816 2017-09-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-17] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-477634370-3830861378-262435411-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-477634370-3830861378-262435411-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-477634370-3830861378-262435411-1000\...\Run: [hoffxvppyx] => explorer "hxxp://mcamega.ru/?utm_source=uoua03&utm_content=b5d515c02d3f251035eb7c407507a726&utm_term=4FAFCBD7A298DC3AD6974797D7820D60&utm_d=20180117" <==== UWAGA
HKU\S-1-5-21-477634370-3830861378-262435411-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-477634370-3830861378-262435411-1000\...\MountPoints2: {0d9afed2-936a-11e7-9ba6-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-477634370-3830861378-262435411-1000\...\MountPoints2: {947b14c0-936a-11e7-aedd-0019dbcee39d} - E:\AutoRun.exe
HKU\S-1-5-21-477634370-3830861378-262435411-1000\...\MountPoints2: {ec14457f-c305-11e7-a72d-806e6f6e6963} - E:\HiSuiteDownLoader.exe
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
GroupPolicy\User: Ograniczenia <==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{B9E44179-B413-4E91-958A-5318D4C69F11}: [NameServer] 35.177.46.238,46.101.28.31,82.202.226.203,192.168.1.1
Tcpip\..\Interfaces\{B9E44179-B413-4E91-958A-5318D4C69F11}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{DF81F71F-E553-4BA7-94F1-E8A37D4E79E7}: [NameServer] 35.177.46.238,46.101.28.31,82.202.226.203
Tcpip\..\Interfaces\{EA8B58B4-A16C-415B-BD78-E969A35EA44E}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{F4FB4178-94AC-46B0-A8AE-951254395C60}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-477634370-3830861378-262435411-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mcamega.ru/?utm_source=startpage03&utm_content=6f499d7ffc995534f8ab9fdd9b86672d&utm_term=f18ed4b28f14510a5941f43bf1de8965&utm_d=17012018
HKU\S-1-5-21-477634370-3830861378-262435411-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
SearchScopes: HKU\S-1-5-21-477634370-3830861378-262435411-1000 -> {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = hxxp://go-search.ru/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-477634370-3830861378-262435411-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BBDCB4C49-4E20-4466-B122-852D90F0F0BB%7D&gp=855500
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-01-17] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-17] (AVAST Software)

FireFox:
========
FF DefaultProfile: 1zlr5bp0.default
FF ProfilePath: C:\Users\Barti\AppData\Roaming\Mozilla\Firefox\Profiles\1zlr5bp0.default [2018-01-19]
FF Homepage: Mozilla\Firefox\Profiles\1zlr5bp0.default -> about:newtab
FF Extension: (Disable JavaScript Shared Memory) - C:\Users\Barti\AppData\Roaming\Mozilla\Firefox\Profiles\1zlr5bp0.default\features\{b9e96808-7071-4785-bd0b-6be798b76577}\disable-js-shared-memory@mozilla.org.xpi [2018-01-17] [Przestarzałe]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-477634370-3830861378-262435411-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Brak pliku]
StartMenuInternet: Firefox-788306D64B513808 - C:\Users\Barti\AppData\Local\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [bhjhnafpiilpffhglajcaepjbnbjemci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hcadgijmedbfgciegjomfpjcdchlhnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [indjgiebmakhmnaplnlnanodkfiejfjd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ligncphnohhjkgekjkghahajihclailj] - hxxps://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-17] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-17] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-12-28] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-11-14] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-11-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-11-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-11-14] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-08-20] (Microsoft Corporation)
S2 SvcHost Service Host; "C:\Windows\Microsoft\svchost.exe" -k LocalService [X]

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2018-01-17] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2018-01-17] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2018-01-17] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2018-01-17] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2018-01-17] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [149344 2018-01-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-01-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-17] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2018-01-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2018-01-17] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2018-01-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-17] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2018-01-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2018-01-17] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-11-14] (NVIDIA Corporation)
S3 DualCoreCenter; \??\C:\Program Files (x86)\MSI\DualCoreCenter\NTGLM7X64.sys [X]
S3 NVR0Dev; \??\C:\Windows\nvoclk64.sys [X]
S3 RushTopDevice2; \??\C:\Program Files (x86)\MSI\DualCoreCenter\RushTop64.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-01-19 15:24 - 2018-01-19 15:25 - 000004610 _____ C:\fixlist.exe.txt
2018-01-19 15:13 - 2018-01-19 16:07 - 000011804 _____ C:\Users\Barti\Downloads\FRST.txt
2018-01-19 15:11 - 2018-01-19 16:06 - 000000000 ____D C:\FRST
2018-01-19 15:10 - 2018-01-19 15:10 - 002393088 _____ (Farbar) C:\Users\Barti\Downloads\FRST64.exe
2018-01-19 15:09 - 2018-01-19 15:09 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-01-19 15:01 - 2018-01-19 15:06 - 000000000 ____D C:\AdwCleaner
2018-01-19 15:00 - 2018-01-19 15:00 - 008206624 _____ (Malwarebytes) C:\Users\Barti\Downloads\adwcleaner_7.0.7.0.exe
2018-01-17 22:54 - 2018-01-17 22:54 - 000000000 ___HD C:\$AV_ASW
2018-01-17 20:46 - 2018-01-19 15:08 - 000000000 ____D C:\Users\Barti\AppData\LocalLow\Mozilla
2018-01-17 20:46 - 2018-01-17 20:49 - 000000000 ____D C:\Users\Barti\AppData\Local\Mozilla
2018-01-17 20:46 - 2018-01-17 20:46 - 000001162 _____ C:\Users\Barti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-01-17 20:46 - 2018-01-17 20:46 - 000001154 _____ C:\Users\Barti\Desktop\Mozilla Firefox.lnk
2018-01-17 20:46 - 2018-01-17 20:46 - 000000000 ____D C:\Users\Barti\AppData\Roaming\Mozilla
2018-01-17 20:45 - 2018-01-19 14:42 - 000000000 ____D C:\Users\Barti\AppData\Local\Mozilla Firefox
2018-01-17 20:32 - 2018-01-17 20:32 - 000000000 ____D C:\Users\Barti\AppData\Local\AVAST Software
2018-01-17 20:14 - 2018-01-17 20:14 - 000000266 __RSH C:\Users\Barti\ntuser.pol
2018-01-17 20:14 - 2018-01-17 20:14 - 000000000 ____D C:\Users\Barti\AppData\Local\VirtualStore
2018-01-17 20:07 - 2018-01-17 20:07 - 000000000 ____D C:\Users\Barti\AppData\Roaming\AVAST Software
2018-01-17 20:06 - 2018-01-17 20:06 - 000457896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-01-17 20:06 - 2018-01-17 20:06 - 000146648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-01-17 20:06 - 2018-01-17 20:06 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-01-17 20:06 - 2018-01-17 20:06 - 000001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-01-17 20:06 - 2018-01-17 20:06 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-01-17 20:06 - 2018-01-17 20:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-01-17 20:06 - 2018-01-17 20:06 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2018-01-17 20:06 - 2018-01-17 20:05 - 001025176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-01-17 20:06 - 2018-01-17 20:05 - 000365680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-01-17 20:06 - 2018-01-17 20:05 - 000358672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-01-17 20:06 - 2018-01-17 20:05 - 000343768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-01-17 20:06 - 2018-01-17 20:05 - 000321512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-01-17 20:06 - 2018-01-17 20:05 - 000204456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-01-17 20:06 - 2018-01-17 20:05 - 000199448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-01-17 20:06 - 2018-01-17 20:05 - 000185096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-01-17 20:06 - 2018-01-17 20:05 - 000149344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-01-17 20:06 - 2018-01-17 20:05 - 000110336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-01-17 20:06 - 2018-01-17 20:05 - 000084384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-01-17 20:06 - 2018-01-17 20:05 - 000057696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-01-17 20:06 - 2018-01-17 20:05 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-01-17 20:03 - 2018-01-17 20:49 - 000000000 ____D C:\ProgramData\AVAST Software
2018-01-17 20:03 - 2018-01-17 20:03 - 000000000 ____D C:\Program Files\AVAST Software
2018-01-17 20:02 - 2018-01-17 20:02 - 007172032 _____ (AVAST Software) C:\Users\Barti\Downloads\avast_free_antivirus_setup_online_a2a.exe
2018-01-17 19:56 - 2018-01-17 19:59 - 000003532 _____ C:\Windows\System32\Tasks\curl
2018-01-17 19:56 - 2018-01-17 19:59 - 000003322 _____ C:\Windows\System32\Tasks\curls
2018-01-13 21:05 - 2018-01-14 01:03 - 000000250 _____ C:\Users\Barti\AppData\LocalLow\rbxcsettings.rbx
2018-01-13 21:05 - 2018-01-13 21:26 - 000000000 ____D C:\Users\Barti\AppData\Local\Roblox
2018-01-11 16:04 - 2018-01-11 16:04 - 000000222 _____ C:\Users\Barti\Desktop\Lost Planet 3.url
2018-01-07 11:03 - 2018-01-07 11:03 - 000526949 _____ C:\Users\Barti\Desktop\Zamowienie_8097_ver_5-1.pdf
2018-01-07 10:53 - 2018-01-07 10:53 - 000526949 _____ C:\Users\Barti\Downloads\Zamowienie_8097_ver_5-1.pdf
2017-12-29 00:39 - 2017-12-29 00:39 - 000001862 _____ C:\Users\Public\Desktop\Play Lucent Heart.lnk
2017-12-29 00:39 - 2017-12-29 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Suba Games
2017-12-29 00:39 - 2017-12-29 00:39 - 000000000 ____D C:\Program Files (x86)\SubaGames
2017-12-29 00:03 - 2017-12-29 00:28 - 3587463639 _____ (Suba Games) C:\Users\Barti\Downloads\LH_EN_10.00.0700_Setup.exe
2017-12-25 22:59 - 2017-12-26 00:14 - 000000000 ____D C:\ProgramData\GOG.com

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-01-19 15:16 - 2009-07-14 05:45 - 000028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-19 15:16 - 2009-07-14 05:45 - 000028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-19 15:15 - 2011-04-12 14:21 - 000739868 _____ C:\Windows\system32\perfh015.dat
2018-01-19 15:15 - 2011-04-12 14:21 - 000155442 _____ C:\Windows\system32\perfc015.dat
2018-01-19 15:15 - 2009-07-14 06:13 - 001668258 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-19 15:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-19 15:08 - 2017-12-15 21:06 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-19 15:07 - 2017-09-07 03:48 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-19 15:07 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-17 20:39 - 2017-09-07 02:20 - 000000000 ____D C:\Users\Barti
2018-01-17 20:36 - 2017-09-07 03:02 - 000000000 ____D C:\Users\Barti\AppData\Local\Google
2018-01-17 19:50 - 2017-09-26 14:54 - 000000266 __RSH C:\ProgramData\ntuser.pol
2018-01-17 19:50 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-01-11 16:10 - 2017-10-28 19:47 - 000000000 ____D C:\Users\Barti\Documents\My Games
2018-01-06 12:38 - 2017-09-07 03:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-12-26 00:53 - 2017-09-07 03:46 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-25 16:16 - 2017-11-26 17:06 - 000000000 ____D C:\Users\Barti\AppData\Local\CrashDumps
2017-12-20 12:44 - 2009-07-14 06:08 - 000032520 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2018-01-12 20:04

==================== Koniec  FRST.txt ============================