Wstawiam logi z OTL i FRST w załącznikach. Generalnie chodzi mi o wysoki zużycie RAM bez włączonych aktualizacji.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:17-02-2016
Uruchomiony przez ABPC (administrator) ABPC-KOMPUTER (18-02-2016 17:57:53)
Uruchomiony z C:\Users\ABPC\Desktop\Pobrane z Firefox
Załadowane profile: ABPC (Dostępne profile: ABPC)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\Logishrd\LComMgr\Communications_Helper.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\Logishrd\LComMgr\LVComSX.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Users\ABPC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
(OldTimer Tools) C:\Users\ABPC\Desktop\Pobrane z Firefox\OTL_www.INSTALKI.pl(1).exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [SoundMAX] = & gt; C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [egui] = & gt; C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [CDAServer] = & gt; C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [LogitechCommunicationsManager] = & gt; C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [488984 2007-02-08] (Logitech Inc.)
HKLM-x32\...\Run: [LVCOMSX] = & gt; C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe [252704 2007-02-06] (Logitech Inc.)
HKLM-x32\...\Run: [Bonus.SSR.FR11] = & gt; C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [934152 2011-11-07] (ABBYY.)
HKLM-x32\...\Run: [APSDaemon] = & gt; C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] = & gt; C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-605420869-3132362589-28488023-1001\...\Run: [OscarEditor] = & gt; C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [3345408 2012-08-17] ()
HKU\S-1-5-21-605420869-3132362589-28488023-1001\...\Run: [DAEMON Tools Lite Automount] = & gt; C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-605420869-3132362589-28488023-1001\...\Run: [Spotify Web Helper] = & gt; C:\Users\ABPC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-02-18] (Spotify Ltd)
HKU\S-1-5-21-605420869-3132362589-28488023-1001\...\Run: [Spotify] = & gt; C:\Users\ABPC\AppData\Roaming\Spotify\Spotify.exe [6743664 2016-02-18] (Spotify Ltd)
HKU\S-1-5-21-605420869-3132362589-28488023-1001\...\MountPoints2: H - H:\setup.exe
HKU\S-1-5-21-605420869-3132362589-28488023-1001\...\MountPoints2: J - J:\Setup.exe
HKU\S-1-5-21-605420869-3132362589-28488023-1001\...\MountPoints2: {5c2214b2-477f-11e5-a0c0-00173188a53d} - I:\LG_PC_Programs.exe
HKU\S-1-5-21-605420869-3132362589-28488023-1001\...\MountPoints2: {bdc04541-8add-11e5-ace4-00173188a53d} - J:\Setup.exe
HKU\S-1-5-21-605420869-3132362589-28488023-1001\...\MountPoints2: {ecb0499e-8bbd-11e5-992f-00173188a53d} - I:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] = & gt; C:\Windows\System32\SPReview\SPReview.exe [301568 2015-08-06] (Microsoft Corporation)
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C1A4029-6A4C-4261-883D-A0127CFE9F23}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
HKU\S-1-5-21-605420869-3132362589-28488023-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
SearchScopes: HKLM - & gt; DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language} & q={searchTerms}
SearchScopes: HKLM - & gt; {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language} & q={searchTerms}
SearchScopes: HKLM-x32 - & gt; DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language} & q={searchTerms}
SearchScopes: HKLM-x32 - & gt; {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language} & q={searchTerms}
SearchScopes: HKU\S-1-5-21-605420869-3132362589-28488023-1001 - & gt; DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language} & q={searchTerms}
SearchScopes: HKU\S-1-5-21-605420869-3132362589-28488023-1001 - & gt; {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language} & q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-11] (Oracle Corporation)
BHO-x32: Brak nazwy - & gt; {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - & gt; Brak pliku
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-11] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\ABPC\AppData\Roaming\Mozilla\Firefox\Profiles\w401bch0.default
FF Homepage: www.onet.pl
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-16] ()
FF Plugin: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - & gt; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - & gt; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 - & gt; C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Brak pliku]
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Flash and Video Download - C:\Users\ABPC\AppData\Roaming\Mozilla\Firefox\Profiles\w401bch0.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-01-04]
FF Extension: FireGestures - C:\Users\ABPC\AppData\Roaming\Mozilla\Firefox\Profiles\w401bch0.default\extensions\firegestures@xuldev.org.xpi [2016-02-09]
FF Extension: Adblock Plus - C:\Users\ABPC\AppData\Roaming\Mozilla\Firefox\Profiles\w401bch0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
==================== Usługi (filtrowane) ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-10-12] (ABBYY)
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Andrea Electronics Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [Brak podpisu cyfrowego]
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [173344 2007-02-06] (Logitech Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Sterowniki (filtrowane) ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [20992 2014-10-10] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-11-14] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
S3 LVcKap64; C:\Windows\System32\DRIVERS\LVcKap64.sys [1013024 2007-02-06] (Logitech Inc.)
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [2346016 2007-02-06] (Logitech Inc.)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [31520 2007-02-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S4 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S4 tsusbhub; system32\drivers\tsusbhub.sys [X]
S4 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2016-02-18 17:56 - 2016-02-18 17:57 - 00000000 ____D C:\FRST
2016-02-18 17:20 - 2016-02-18 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-02-18 17:20 - 2016-02-18 17:20 - 00000000 ____D C:\Program Files\CPUID
2016-02-18 17:18 - 2016-02-18 17:40 - 00000000 ____D C:\Users\ABPC\AppData\LocalLow\uTorrent
2016-02-16 19:45 - 2016-02-16 20:23 - 00000000 ___RD C:\Users\ABPC\Documents\Scanned Documents
2016-02-16 19:45 - 2016-02-16 19:45 - 00000000 ____D C:\Users\ABPC\Documents\Fax
2016-02-16 19:23 - 2016-02-16 19:23 - 00000000 ____D C:\Users\ABPC\AppData\Local\Downloaded Installations
2016-02-16 19:05 - 2016-02-16 20:24 - 00000000 ____D C:\Users\ABPC\Desktop\Skan
2016-02-16 18:54 - 2016-02-16 18:54 - 00000000 ____D C:\ProgramData\Samsung
2016-02-16 18:54 - 2016-02-16 18:54 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent
2016-02-16 18:53 - 2016-02-16 18:53 - 00000000 ____D C:\ProgramData\SSScan
2016-02-16 18:52 - 2016-02-16 18:54 - 00000000 ____D C:\Users\ABPC\AppData\Roaming\Samsung
2016-02-16 18:51 - 2016-02-16 19:34 - 00000000 ____D C:\Windows\twain_64
2016-02-16 18:51 - 2013-09-02 03:57 - 00155696 _____ C:\Windows\wiainst64.exe
2016-02-16 18:50 - 2013-10-04 06:31 - 00579072 _____ C:\Windows\system32\SNWIAUI.dll
2016-02-16 18:50 - 2013-10-04 05:53 - 00734720 _____ C:\Windows\system32\SnMinDrv.dll
2016-02-16 18:50 - 2013-10-04 05:53 - 00155136 _____ C:\Windows\system32\SnImgFlt.dll
2016-02-16 18:50 - 2013-10-04 05:52 - 00068096 _____ C:\Windows\system32\SnErHdlr.dll
2016-02-16 18:50 - 2013-06-01 06:13 - 01571160 ____N C:\Windows\TotalUninstaller.exe
2016-02-16 18:50 - 2013-02-22 05:29 - 00365568 _____ C:\Windows\system32\SaMinDrv.dll
2016-02-16 18:50 - 2013-02-22 05:29 - 00112128 _____ C:\Windows\system32\SaImgFlt.dll
2016-02-16 18:50 - 2013-02-22 05:29 - 00055296 _____ C:\Windows\system32\SaErHdlr.dll
2016-02-16 18:50 - 2012-12-10 03:09 - 00120846 _____ C:\Windows\system32\WIAEXSTR.loc
2016-02-16 18:50 - 2012-03-14 00:58 - 00166640 _____ (TWAIN Working Group) C:\Windows\system32\TWAINDSM.dll
2016-02-16 18:50 - 2012-02-09 08:20 - 00355840 _____ (Samsung Electronics) C:\Windows\system32\snWIAMUI.dll
2016-02-12 16:22 - 2016-02-13 21:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-06 17:25 - 2016-02-06 17:25 - 00000000 ____D C:\Users\ABPC\Desktop\wow
2016-02-06 17:06 - 2016-02-06 17:07 - 00000000 ____D C:\Users\ABPC\Desktop\Łoś kruszyniany
2016-02-06 17:04 - 2016-02-06 17:04 - 00000000 ____D C:\Users\ABPC\Desktop\album turcja
2016-01-25 19:33 - 2016-01-25 19:33 - 00000000 ____D C:\Users\ABPC\AppData\Local\ElevatedDiagnostics
2016-01-25 19:30 - 2016-01-25 19:30 - 00047104 ___SH C:\Users\ABPC\Thumbs.db
2016-01-25 19:30 - 2016-01-25 19:30 - 00000000 ____H C:\Users\ABPC\Documents\Default.rdp
2016-01-25 19:29 - 2016-01-25 19:30 - 00001144 _____ C:\Users\ABPC\Microsoft Office.lnk
2016-01-23 23:33 - 2016-02-18 17:57 - 00000000 ____D C:\Users\ABPC\Desktop\Pobrane z Firefox
2016-01-20 20:03 - 2016-01-20 20:03 - 00000000 ____D C:\Users\ABPC\Desktop\holly1
2016-01-20 20:02 - 2016-01-20 20:15 - 678673994 _____ C:\Users\ABPC\Desktop\Stock ROM-Huawei Honor Holly HOL-U19.zip
2016-01-20 18:52 - 2016-01-20 18:52 - 00000274 _____ C:\Users\ABPC\Desktop\4t.txt
2016-01-20 17:27 - 2016-01-20 17:28 - 96819488 _____ (The GIMP Team ) C:\Users\ABPC\Desktop\gimp-2.8.16-setup.exe
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2016-02-18 17:52 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-18 17:52 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-18 17:50 - 2009-07-14 18:55 - 00740422 _____ C:\Windows\system32\perfh015.dat
2016-02-18 17:50 - 2009-07-14 18:55 - 00155996 _____ C:\Windows\system32\perfc015.dat
2016-02-18 17:50 - 2009-07-14 06:13 - 01670518 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-18 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-18 17:44 - 2015-12-27 17:53 - 00000000 ____D C:\Users\ABPC\AppData\Roaming\Spotify
2016-02-18 17:44 - 2015-12-27 17:53 - 00000000 ____D C:\Users\ABPC\AppData\Local\Spotify
2016-02-18 17:44 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-18 17:40 - 2015-09-04 19:34 - 00000000 ____D C:\Users\ABPC\AppData\Roaming\uTorrent
2016-02-18 17:31 - 2009-07-14 06:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-18 17:26 - 2015-08-04 19:09 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-17 17:54 - 2015-09-21 18:38 - 00000000 ____D C:\Users\ABPC\AppData\Roaming\Skype
2016-02-16 19:57 - 2015-09-21 18:38 - 00000000 ____D C:\ProgramData\Skype
2016-02-16 19:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\schemas
2016-02-16 19:31 - 2015-08-06 17:35 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-16 19:29 - 2015-08-02 12:37 - 00001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-16 18:55 - 2015-09-27 13:45 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-16 18:54 - 2015-09-09 13:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2016-02-16 18:54 - 2015-09-09 13:41 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-02-16 16:40 - 2015-08-04 19:07 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-16 16:40 - 2015-08-04 19:07 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-16 16:40 - 2015-08-04 19:07 - 00003870 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-15 17:21 - 2015-08-31 22:08 - 00000000 ____D C:\AdwCleaner
2016-02-13 23:07 - 2015-10-04 18:07 - 00000000 ____D C:\Users\ABPC\AppData\Roaming\vlc
2016-02-13 21:32 - 2015-08-02 12:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-11 20:11 - 2015-11-17 09:46 - 00000000 ____D C:\ProgramData\Oracle
2016-02-11 20:00 - 2015-11-17 09:46 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-11 19:59 - 2015-11-17 09:47 - 00000000 ____D C:\Users\ABPC\.oracle_jre_usage
2016-02-11 19:59 - 2015-11-17 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-11 19:58 - 2015-11-17 09:46 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-11 19:56 - 2016-01-11 23:01 - 00000000 ____D C:\Users\ABPC\Desktop\Dokumenty
2016-01-25 19:30 - 2015-08-02 12:27 - 00000000 ____D C:\Users\ABPC
2016-01-24 12:25 - 2015-12-06 10:16 - 00012526 _____ C:\Users\ABPC\Desktop\Tabele wagi.xlsx
2016-01-23 15:56 - 2015-10-08 15:19 - 00000000 ____D C:\Users\ABPC\AppData\Roaming\IrfanView
==================== Pliki w katalogu głównym wybranych folderów =======
2015-11-06 17:29 - 2015-11-06 17:29 - 0002298 _____ () C:\Users\ABPC\AppData\Roaming\ASSDraw3.cfg
2015-11-07 23:39 - 2015-11-19 11:53 - 0003584 _____ () C:\Users\ABPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-01 16:49 - 2015-09-01 16:49 - 0003152 _____ () C:\Users\ABPC\AppData\Local\recently-used.xbel
2015-12-18 18:29 - 2015-12-18 19:05 - 0007603 _____ () C:\Users\ABPC\AppData\Local\Resmon.ResmonCfg
Niektóre pliki w TEMP:
====================
C:\Users\ABPC\AppData\Local\Temp\InstHelper.exe
C:\Users\ABPC\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\ABPC\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\ABPC\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\ABPC\AppData\Local\Temp\nvStInst.exe
C:\Users\ABPC\AppData\Local\Temp\vsdel.exe
C:\Users\ABPC\AppData\Local\Temp\_isF5F2.exe
==================== Bamital & volsnap =================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2016-02-16 18:28
==================== Koniec FRST.txt ============================