Witam, Mam ostatnio dziwny problem z wolnym miejscem na dysku. System pokazuje, że mam wolne zaledwie kilka GB, zrobiłem małe porządki na dysku i zwiększyłem zapas do około 70 GB. Zainstalowałem potem różne śmiecia, które mogły ważyć w sumie jakieś 20 GB, a w Moim komputerze pokazuje mi, że mam wolnych zaledwie 7 GB. Wyczytałem tu wcześniej o podobnym problemie, gdzie komuś system pokazywał błędną ilość wolnego miejsca. Było to związane z zarobaczeniem systemu. Od razu przeprowadziłem więc skan antywirusem (Avast, więc pewnie nie na wiele się zdał) oraz dwoma polecanymi tu programami (Malwerbytes i AdwCleaner). Nie wiem co jeszcze zrobić, więc wklejam wymagane logi i liczę na to, że ktoś ogarnie to lepiej ode mnie. Z góry dzięki za uwagę i ewentualną pomoc.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:04-10-2015
Uruchomiony przez Ozo (administrator) LUXPERPETUA (06-10-2015 17:17:03)
Uruchomiony z C:\Users\Ozo\Downloads
Załadowane profile: Ozo (Dostępne profile: Ozo)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 9 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [RTHDVCPL] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2014-06-04] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] = & gt; C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] = & gt; C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] = & gt; C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2014-06-04] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] = & gt; C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] = & gt; C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205624 2013-05-30] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] = & gt; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Smart File Advisor] = & gt; C:\Program Files (x86)\Smart File Advisor\sfa.exe [283712 2013-10-30] (Filefacts.net)
HKLM-x32\...\Run: [SFAUpdater] = & gt; C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe [655936 2013-10-28] (Filefacts.net)
HKLM-x32\...\Run: [SDTray] = & gt; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-25] (Avast Software s.r.o.)
HKLM-x32\...\Run: [BtTray] = & gt; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [389368 2014-02-17] (IVT Corporation)
HKLM-x32\...\Run: [SwitchBoard] = & gt; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] = & gt; C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2089663864-3555848617-1435307845-1000\...\Run: [uTorrent] = & gt; C:\Users\Ozo\AppData\Roaming\uTorrent\uTorrent.exe [1821536 2015-09-26] (BitTorrent Inc.)
HKU\S-1-5-21-2089663864-3555848617-1435307845-1000\...\Run: [AlcoholAutomount] = & gt; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-2089663864-3555848617-1435307845-1000\...\Run: [Spybot-S & D Cleaning] = & gt; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-2089663864-3555848617-1435307845-1000\...\Run: [Steam] = & gt; C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll = & gt; C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll = & gt; C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-03-25] (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Ograniczenia - Chrome & lt; ======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia & lt; ======= UWAGA
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CD92D242-A138-4C6B-AD42-08E2843C97E2}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2089663864-3555848617-1435307845-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
BHO: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-25] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper - & gt; {9030D464-4C02-4ABF-8ECC-5164760863C6} - & gt; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-25] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper - & gt; {9030D464-4C02-4ABF-8ECC-5164760863C6} - & gt; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2089663864-3555848617-1435307845-1000: @unity3d.com/UnityPlayer,version=1.0 - & gt; C:\Users\Ozo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-28]
Chrome:
=======
CHR Profile: C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentacje Google) - C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-16]
CHR Extension: (Dokumenty Google) - C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-04]
CHR Extension: (Dysk Google) - C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-04]
CHR Extension: (YouTube) - C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-04]
CHR Extension: (Adblock Plus) - C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-17]
CHR Extension: (Google Search) - C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-04]
CHR Extension: (Arkusze Google) - C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (Avast Online Security) - C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-28]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-04]
CHR Extension: (Gmail) - C:\Users\Ozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-04]
CHR HKLM-x32\...\Chrome\Extension: [bempokoddbgidehgjdhlppgpaahallkj] - C:\ProgramData\ASDQWDSA\Prishtina_2.crx [2014-08-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-25]
==================== Usługi (filtrowane) ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-25] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-25] (Avast Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1579880 2014-02-17] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-12-16] (IVT Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Brak podpisu cyfrowego]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [Brak podpisu cyfrowego]
===================== Sterowniki (filtrowane) ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-25] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-25] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2015-01-23] ()
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [51936 2014-01-20] (Ralink Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2015-01-23] ()
R3 m76usb; C:\Windows\System32\DRIVERS\m76usb.sys [539848 2014-02-12] (Ralink Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-07] (Duplex Secure Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-25] (Avast Software)
U3 a91kijwr; C:\Windows\System32\Drivers\a91kijwr.sys [0 ] (Microsoft Corporation) & lt; ==== UWAGA (zerobajtowy plik/folder)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-10-06 17:17 - 2015-10-06 17:17 - 00019896 _____ C:\Users\Ozo\Downloads\FRST.txt
2015-10-06 17:16 - 2015-10-06 17:17 - 00000000 ____D C:\FRST
2015-10-06 17:16 - 2015-10-06 17:16 - 02193920 _____ (Farbar) C:\Users\Ozo\Downloads\FRST64.exe
2015-10-06 17:04 - 2015-10-06 17:09 - 00000000 ____D C:\AdwCleaner
2015-10-06 16:46 - 2015-10-06 16:46 - 01681920 _____ C:\Users\Ozo\Downloads\AdwCleaner.exe
2015-10-06 16:27 - 2015-10-06 17:11 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-06 16:27 - 2015-10-06 16:27 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-06 16:27 - 2015-10-06 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-06 16:27 - 2015-10-06 16:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-06 16:27 - 2015-10-06 16:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-06 16:27 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-06 16:27 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-06 16:27 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-06 16:25 - 2015-10-06 16:26 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Ozo\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-05 19:30 - 2015-10-05 19:30 - 00017227 _____ C:\Users\Ozo\Downloads\ComboFix.txt
2015-10-04 13:56 - 2015-10-04 13:56 - 00001768 _____ C:\Users\Public\Desktop\Pillars of Eternity.lnk
2015-10-04 13:56 - 2015-10-04 13:56 - 00000000 ____D C:\Users\Ozo\AppData\LocalLow\Obsidian Entertainment
2015-10-04 13:56 - 2015-10-04 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-10-04 13:23 - 2015-10-04 13:23 - 00000000 ____D C:\GOG Games
2015-10-04 09:55 - 2015-10-04 12:53 - 00000000 ____D C:\Users\Ozo\Downloads\pillars_of_eternity
2015-10-03 22:44 - 2015-10-03 22:44 - 00000000 ____D C:\Users\Ozo\AppData\Roaming\TERA
2015-10-03 22:43 - 2015-10-03 22:43 - 00001170 _____ C:\Users\Ozo\Desktop\TERA.lnk
2015-10-03 21:56 - 2015-10-05 19:24 - 00000000 ____D C:\Users\Ozo\Downloads\Gameforge Live
2015-10-03 21:56 - 2015-10-03 22:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-10-03 21:56 - 2015-10-03 21:56 - 00001071 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2015-10-03 21:56 - 2015-10-03 21:56 - 00000000 ____D C:\Users\Ozo\AppData\Local\Gameforge4d
2015-10-03 21:56 - 2015-10-03 21:56 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2015-09-20 09:56 - 2015-09-20 09:57 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-20 09:28 - 2015-09-20 09:34 - 00000000 ___RD C:\Users\Ozo\Desktop\Weird Shiet From Dien
2015-09-08 19:43 - 2015-09-08 19:43 - 00003042 _____ C:\Windows\System32\Tasks\{1547A8F6-D1F6-44D9-A3DC-9C6031157A46}
2015-09-08 19:37 - 2015-09-08 19:37 - 00000000 ____D C:\Users\Ozo\AppData\Roaming\Fallout 3 - NMC's Texture Pack
2015-09-08 19:28 - 2015-09-08 19:28 - 00000000 ____D C:\Users\Ozo\AppData\Roaming\Fallout 3 - Wasteland Edition
2015-09-08 19:27 - 2015-09-08 19:27 - 00001298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2015-09-08 09:51 - 2015-09-08 10:00 - 00000000 ____D C:\Users\Ozo\Downloads\Fallout 3 - Wasteland Edition
2015-09-07 20:56 - 2015-09-07 20:56 - 00002996 _____ C:\Windows\System32\Tasks\{EAD8938A-F668-465B-B84A-3B7632B9C15D}
2015-09-07 20:56 - 2015-09-07 20:56 - 00002996 _____ C:\Windows\System32\Tasks\{B09368EC-4AA8-4681-8AFF-4387BED8167C}
2015-09-07 14:25 - 2015-09-07 14:25 - 00000000 ____D C:\Users\Ozo\Downloads\Fallout_3_pl
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-10-06 17:15 - 2014-06-05 00:43 - 01343335 _____ C:\Windows\WindowsUpdate.log
2015-10-06 17:15 - 2014-06-04 19:20 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-06 17:13 - 2014-10-21 17:06 - 00004268 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2015-10-06 17:13 - 2014-06-05 20:24 - 00000000 ____D C:\Users\Ozo\AppData\Roaming\uTorrent
2015-10-06 17:13 - 2014-06-05 18:24 - 00000074 _____ C:\Users\Ozo\AppData\Roaming\sp_data.sys
2015-10-06 17:12 - 2014-01-21 15:40 - 00000966 _____ C:\Windows\SysWOW64\bscs.ini
2015-10-06 17:12 - 2009-07-14 06:51 - 00158344 _____ C:\Windows\setupact.log
2015-10-06 17:11 - 2014-10-21 17:06 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2015-10-06 17:11 - 2014-09-20 20:28 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-06 17:11 - 2014-06-04 19:20 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-06 17:10 - 2010-11-21 05:47 - 00035538 _____ C:\Windows\PFRO.log
2015-10-06 17:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-06 17:09 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-06 17:09 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-06 11:00 - 2015-01-16 14:41 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6556CD6E-BD24-41A3-A406-C4369058E5BE}
2015-10-04 13:56 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-03 22:42 - 2014-06-08 10:15 - 00000000 ___RD C:\Users\Ozo\Desktop\Giery
2015-10-03 22:31 - 2014-11-11 17:04 - 00000000 ____D C:\Users\Ozo\Downloads\Borderlands(DIRECT PLAY with all 4 DLC's)
2015-10-03 22:28 - 2015-01-23 20:17 - 00000000 ____D C:\Program Files (x86)\The Witcher Enhanced Edition
2015-10-03 22:18 - 2014-06-04 19:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-03 22:15 - 2015-02-16 11:59 - 00000000 ____D C:\Users\Ozo\AppData\Roaming\.minecraft
2015-09-30 15:35 - 2014-08-28 20:55 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-27 09:11 - 2015-08-01 17:53 - 00000000 ____D C:\Users\Ozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-25 18:19 - 2014-06-04 19:22 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-20 20:51 - 2015-01-24 20:37 - 00000000 ___RD C:\Users\Ozo\Desktop\RPG
2015-09-20 17:10 - 2014-06-09 22:57 - 00000000 ____D C:\Users\Ozo\Documents\My Games
2015-09-20 09:33 - 2014-06-04 18:50 - 00000000 ____D C:\Users\Ozo
2015-09-16 15:10 - 2014-06-04 19:20 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 15:10 - 2014-06-04 19:20 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 20:16 - 2014-12-25 18:56 - 00000132 _____ C:\Users\Ozo\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-09-14 19:00 - 2014-06-04 21:11 - 00000000 ____D C:\Users\Ozo\Desktop\Angielski Lol
2015-09-14 18:02 - 2014-06-04 19:20 - 00000000 ____D C:\Users\Ozo\AppData\Local\Google
2015-09-12 13:51 - 2014-06-04 21:27 - 00328564 _____ C:\Windows\DirectX.log
2015-09-12 08:39 - 2014-10-30 21:10 - 00000000 ____D C:\Windows\system32\appmgmt
2015-09-12 08:33 - 2014-06-08 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2015-09-10 20:22 - 2015-03-04 18:41 - 00000000 ____D C:\Users\Ozo\AppData\Roaming\TS3Client
2015-09-08 19:52 - 2014-06-04 20:22 - 01668616 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-09-08 19:52 - 2011-04-12 15:21 - 00747898 _____ C:\Windows\system32\perfh015.dat
2015-09-08 19:52 - 2011-04-12 15:21 - 00160432 _____ C:\Windows\system32\perfc015.dat
2015-09-08 19:52 - 2009-07-14 07:13 - 01667756 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-08 19:37 - 2014-06-08 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-09-08 19:27 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-09-08 18:07 - 2014-06-08 15:43 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-09-08 18:04 - 2015-04-06 15:35 - 00000000 ____D C:\ProgramData\TEMP
2015-09-08 18:03 - 2015-04-11 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
2015-09-08 13:48 - 2015-05-17 09:25 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-09-08 13:48 - 2015-05-09 16:23 - 00000000 ____D C:\Users\Ozo\AppData\Local\Battle.net
2015-09-07 14:03 - 2015-05-02 19:31 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
==================== Pliki w katalogu głównym wybranych folderów =======
2014-12-25 18:56 - 2015-09-15 20:16 - 0000132 _____ () C:\Users\Ozo\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-01-16 21:41 - 2015-01-16 21:41 - 0000021 _____ () C:\Users\Ozo\AppData\Roaming\my_intel.sys
2014-06-05 18:24 - 2015-10-06 17:13 - 0000074 _____ () C:\Users\Ozo\AppData\Roaming\sp_data.sys
2015-01-16 21:50 - 2015-05-26 12:54 - 0006144 _____ () C:\Users\Ozo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-28 18:39 - 2014-08-28 18:39 - 0000091 _____ () C:\Users\Ozo\AppData\Local\fusioncache.dat
2014-11-17 20:04 - 2015-07-20 17:17 - 0007607 _____ () C:\Users\Ozo\AppData\Local\Resmon.ResmonCfg
2015-03-18 13:39 - 2015-03-18 13:39 - 0000000 _____ () C:\Users\Ozo\AppData\Local\{4C04CAB7-D06C-4DE7-92B0-7F039482F8DE}
2015-01-20 20:36 - 2015-01-20 20:36 - 0000040 _____ () C:\ProgramData\ra3.ini
2014-12-27 11:25 - 2014-12-27 11:25 - 0003072 _____ () C:\ProgramData\wtwLicensing.db
Niektóre pliki w TEMP:
====================
C:\Users\Ozo\AppData\Local\Temp\sqlite3.dll
C:\Users\Ozo\AppData\Local\Temp\_is2451.exe
C:\Users\Ozo\AppData\Local\Temp\_is3FAE.exe
C:\Users\Ozo\AppData\Local\Temp\_is561B.exe
C:\Users\Ozo\AppData\Local\Temp\_is699B.exe
C:\Users\Ozo\AppData\Local\Temp\_is6DB0.exe
C:\Users\Ozo\AppData\Local\Temp\_is7F8B.exe
C:\Users\Ozo\AppData\Local\Temp\_isAD9.exe
C:\Users\Ozo\AppData\Local\Temp\_isC580.exe
C:\Users\Ozo\AppData\Local\Temp\_isD2FD.exe
==================== Bamital & volsnap =================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2015-10-01 20:39
==================== Koniec FRST.txt ============================