Frst.txt jest niekompletny, przeskanuj jeszcze raz i zamiesc caly plik. Zamiesc screen calego okna z: CrystalDiskInfo: http://portableapps.com/apps/utilities/crystaldiskinfo_portable Nie wiem o co Ci chodzi z iloscia ramu, w logu wszystko wyglada poprawnie: Total physical RAM: 2994.6 MB Available physical RAM: 567.51 MB Już.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Lenovo (administrator) on LAPTOP-MMMDTB7M (13-08-2018 08:59:23)
Running from D:\
Loaded Profiles: Lenovo (Available Profiles: Lenovo)
Platform: Windows 10 Home Version 1703 15063.1206 (X64) Language: Angielski (Stany Zjednoczone)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\pub\PubMonitor.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.1111_none_b9580e706f668ab0\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\FRST64 (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] = & gt; C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [LenovoUtility] = & gt; C:\Program Files\Lenovo\LenovoUtility\utility.exe [894376 2017-04-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [RTHDVCPL] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18242048 2017-03-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] = & gt; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5567760 2018-07-16] (IObit)
HKLM\...\RunOnce: [!GetCurrentRollback] = & gt; C:\Windows10Upgrade\GetCurrentRollback.exe [57344 2018-07-19] (Microsoft Corporation)
HKLM\...\RunOnce: [RollbackOnline] = & gt; C:\$WINDOWS.~BT\Sources\SetupPlatform.exe [176864 2018-07-11] (Microsoft Corporation)
HKU\S-1-5-21-3252381865-432738924-2588522308-1002\...\Run: [CCleaner Monitoring] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-3252381865-432738924-2588522308-1002\...\Run: [Steam] = & gt; C:\Program Files (x86)\Steam\steam.exe [3201312 2018-06-09] (Valve Corporation)
HKU\S-1-5-21-3252381865-432738924-2588522308-1002\...\Run: [ALLUpdate] = & gt; C:\Program Files\ALLPlayer\ALLUpdate.exe [3884720 2017-10-04] (ALLPlayer.org)
HKU\S-1-5-21-3252381865-432738924-2588522308-1002\...\Run: [Napisy24Update] = & gt; " C:\Program Files (x86)\Napisy24\Napisy24Update.exe " " sleep "
HKU\S-1-5-21-3252381865-432738924-2588522308-1002\...\Run: [Wargaming.net Game Center] = & gt; C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2512248 2018-07-05] (Wargaming.net)
HKU\S-1-5-21-3252381865-432738924-2588522308-1002\...\MountPoints2: {9ebd8703-95a6-11e8-8212-95d7b2e27ba6} - " F:\HiSuiteDownLoader.exe "
HKU\S-1-5-21-3252381865-432738924-2588522308-1002\...\MountPoints2: {9ebd8774-95a6-11e8-8212-95d7b2e27ba6} - " F:\HiSuiteDownLoader.exe "
GroupPolicy: Restriction ? & lt; ==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{65ce4e66-4a09-4eb4-869b-a3f442ba6901}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b04abe10-bc21-4a92-b94b-24d4a587c6c6}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-3252381865-432738924-2588522308-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190
HKU\S-1-5-21-3252381865-432738924-2588522308-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3252381865-432738924-2588522308-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM - & gt; {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - & gt; {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-30] (Oracle Corporation)
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-30] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-28] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2018-08-13]
CHR Extension: (Prezentacje) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-28]
CHR Extension: (Dokumenty) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-28]
CHR Extension: (Dysk Google) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-28]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-28]
CHR Extension: (Arkusze) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-28]
CHR Extension: (YouTube Flash Video Player) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fldkdmkgnlbehfgeifjpjabmandnchpe [2018-06-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-28]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-28]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-28]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKLM\SYSTEM\CurrentControlSet\Services\gzflt & lt; ==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\atc & lt; ==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\avc3 & lt; ==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\trufos & lt; ==== ATTENTION (Rootkit!)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71408 2018-05-16] (Lenovo Group Limited)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2347280 2018-07-16] (IObit)
R2 osrss; C:\Windows\system32\osrss.dll [131288 2018-06-27] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [294912 2018-08-03] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [276616 2018-03-14] (Synaptics Incorporated)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51208 2017-01-09] (Advanced Micro Devices, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-07-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-07-31] (Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; " C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe " -/service [X]
S2 vsservppl; " C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe " /service [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [100744 2017-01-09] (Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0312694.inf_amd64_9da804b05ab53fd2\atikmdag.sys [32703384 2017-03-30] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0312694.inf_amd64_9da804b05ab53fd2\atikmpag.sys [525208 2017-03-30] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [86936 2017-03-30] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [255368 2017-01-09] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Advanced Micro Devices)
R3 BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [605608 2017-01-18] (Qualcomm)
S3 edrsensor; C:\Windows\System32\DRIVERS\edrsensor.sys [246064 2018-04-19] (BitDefender S.R.L. Bucharest, ROMANIA)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-04-20] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [44032 2018-03-20] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39232 2018-03-20] (IObit.com)
S4 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40384 2018-03-20] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [34048 2018-03-20] (IObit.com)
S1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [41920 2018-06-27] (IObit.com)
R1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [51256 2018-04-04] (IObit.com)
R1 MpKsl9bd8fcf2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1311CCCC-BA3C-45E6-809A-EC28F06FD00F}\MpKsl9bd8fcf2.sys [58120 2018-08-12] (Microsoft Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52728 2018-03-20] (IObit.com)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [418784 2016-08-05] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3150344 2016-10-24] (Realtek Semiconductor Corp.)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [213080 2018-07-16] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46584 2018-07-31] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [340008 2018-07-31] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-07-31] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-13 08:58 - 2018-08-13 08:58 - 000099190 _____ C:\ProgramData\uninstalltool.1534143457.bdinstall.bin
2018-08-12 20:31 - 2018-08-12 20:32 - 010883976 _____ C:\Users\Lenovo\Downloads\Bitdefender_2019_Uninstall_Tool.exe
2018-08-12 13:11 - 2018-08-12 13:11 - 000007731 _____ C:\Users\Lenovo\Downloads\010101011000011110010101010110101.sb2
2018-08-11 14:53 - 2018-08-11 15:09 - 000041239 _____ C:\Users\Lenovo\Downloads\Addition.txt
2018-08-11 14:50 - 2018-08-11 15:10 - 000011870 _____ C:\Users\Lenovo\Downloads\FRST.txt
2018-08-11 14:49 - 2018-08-13 08:59 - 000000000 ____D C:\FRST
2018-08-11 12:06 - 2018-08-11 12:49 - 000000000 ___HD C:\$WINDOWS.~BT
2018-08-11 11:57 - 2018-08-11 12:04 - 000000036 _____ C:\Windows\progress.ini
2018-08-11 11:16 - 2018-08-11 11:57 - 000000000 ___HD C:\$GetCurrent
2018-08-11 11:16 - 2018-08-11 11:57 - 000000000 ____D C:\Windows10Upgrade
2018-08-11 11:05 - 2018-08-11 11:05 - 000000000 ____D C:\Windows\UpdateAssistant
2018-08-11 09:40 - 2018-08-11 09:40 - 000020888 _____ C:\Users\Lenovo\Documents\cc_20180811_094014.reg
2018-08-11 09:01 - 2018-08-11 09:02 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\IObit
2018-08-11 09:01 - 2018-03-20 07:09 - 000044032 _____ (IObit.com) C:\Windows\system32\Drivers\IMFCameraProtect.sys
2018-08-11 09:00 - 2018-08-11 09:24 - 000000000 ____D C:\ProgramData\ProductData
2018-08-11 09:00 - 2018-08-11 09:01 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\IObit
2018-08-11 09:00 - 2018-08-11 09:00 - 000001253 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2018-08-11 09:00 - 2018-08-11 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2018-08-11 09:00 - 2018-08-11 09:00 - 000000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2018-08-11 08:59 - 2018-08-11 08:59 - 042042560 _____ (IObit ) C:\Users\Lenovo\Downloads\IObit-Malware-Fighter-Setup.exe
2018-08-10 19:58 - 2018-08-10 19:58 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Eraser 6
2018-08-10 19:51 - 2018-08-10 19:51 - 009101000 _____ (The Eraser Project) C:\Users\Lenovo\Downloads\Eraser 6.2.0.2982.exe
2018-08-10 19:36 - 2018-08-11 09:02 - 000000000 ____D C:\ProgramData\IObit
2018-08-10 19:36 - 2018-08-11 09:00 - 000000000 ____D C:\Program Files (x86)\IObit
2018-08-10 19:34 - 2018-08-10 19:34 - 002498288 _____ (IObit ) C:\Users\Lenovo\Downloads\unlocker-setup.exe
2018-08-10 19:31 - 2018-08-11 15:06 - 000000000 ____D C:\Program Files (x86)\Delete Doctor
2018-08-10 19:30 - 2018-08-10 19:30 - 001188386 _____ C:\Users\Lenovo\Downloads\deletedr.exe
2018-08-10 19:28 - 2018-05-17 19:52 - 000023024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Luadgmgt.dll
2018-08-10 19:27 - 2018-08-10 19:27 - 000000000 ____D C:\Users\Lenovo\AppData\Local\GHISLER
2018-08-10 19:26 - 2018-08-10 19:27 - 000000000 ____D C:\totalcmd
2018-08-10 19:26 - 2018-08-10 19:26 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2018-08-10 19:26 - 2018-08-10 19:26 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\GHISLER
2018-08-10 19:25 - 2018-08-10 19:25 - 007636536 _____ (Ghisler Software GmbH) C:\Users\Lenovo\Downloads\tcmd920x32_64.exe
2018-08-08 19:39 - 2018-08-08 19:39 - 000000000 ____D C:\Users\Lenovo\.android
2018-08-08 19:37 - 2018-08-08 19:37 - 000000000 ____D C:\Users\Lenovo\Documents\HiSuite
2018-08-08 19:36 - 2018-04-20 08:28 - 002152176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2018-08-08 19:36 - 2018-04-20 08:28 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2018-08-08 19:36 - 2018-04-20 08:28 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2018-08-08 19:36 - 2018-04-20 08:28 - 001002728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2018-08-08 19:36 - 2018-04-20 08:28 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2018-08-08 19:36 - 2018-04-20 08:28 - 000226560 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2018-08-08 19:36 - 2018-04-20 08:28 - 000127360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2018-08-08 19:36 - 2018-04-20 08:28 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2018-08-08 19:36 - 2018-04-20 08:28 - 000018944 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2018-08-05 16:31 - 2018-08-05 16:31 - 001773056 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST.exe
2018-08-05 16:29 - 2018-08-05 16:29 - 002412544 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
2018-08-04 17:30 - 2018-08-04 17:31 - 007197480 _____ (VS Revo Group ) C:\Users\Lenovo\Downloads\revosetup.exe
2018-08-02 12:57 - 2018-08-02 12:57 - 000000000 ____D C:\Users\Public\Documents\Display
2018-08-02 10:24 - 2018-08-02 10:24 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Lenovo
2018-08-01 17:47 - 2018-08-01 17:48 - 000328628 _____ C:\Windows\Minidump\080118-49500-01.dmp
2018-08-01 15:48 - 2018-08-01 17:50 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2018-08-01 15:45 - 2018-08-01 15:46 - 000319236 _____ C:\Windows\Minidump\080118-70687-01.dmp
2018-08-01 15:36 - 2018-08-01 15:37 - 000335988 _____ C:\Windows\Minidump\080118-76593-01.dmp
2018-08-01 14:09 - 2018-08-01 14:09 - 000000000 _____ C:\Windows\Minidump\080118-98468-01.dmp
2018-08-01 14:08 - 2018-08-01 17:47 - 138674799 _____ C:\Windows\MEMORY.DMP
2018-08-01 08:47 - 2018-08-01 08:47 - 003950464 _____ (Crystal Dew World ) C:\Users\Lenovo\Downloads\CrystalDiskInfo7_6_1.exe
2018-08-01 08:47 - 2018-08-01 08:47 - 000001276 _____ C:\Users\Lenovo\Desktop\CrystalDiskInfo.lnk
2018-08-01 08:47 - 2018-08-01 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2018-08-01 08:47 - 2018-08-01 08:47 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2018-07-31 16:37 - 2018-08-11 11:57 - 000000258 ___SH C:\ProgramData\ntuser.pol
2018-07-31 16:37 - 2018-07-31 16:37 - 000000000 ____D C:\Users\Lenovo\Downloads\rufus_files
2018-07-31 16:36 - 2018-07-31 16:36 - 001018424 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\Lenovo\Downloads\rufus-3.1.exe
2018-07-31 09:10 - 2018-07-31 09:46 - 1942355968 _____ C:\Users\Lenovo\Downloads\linuxmint-19-cinnamon-64bit-v2.iso
2018-07-31 09:09 - 2018-07-31 09:09 - 000037325 _____ C:\Users\Lenovo\Downloads\linuxmint-19-cinnamon-64bit-v2.iso.torrent
2018-07-31 08:40 - 2018-07-31 08:40 - 000025575 _____ C:\ProgramData\agent.uninstall.1533019223.bdinstall.bin
2018-07-31 08:29 - 2018-07-31 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free
2018-07-31 08:29 - 2018-04-19 11:15 - 000246064 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\edrsensor.sys
2018-07-31 08:25 - 2018-07-31 08:25 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\QuickScan
2018-07-31 08:24 - 2018-08-11 09:04 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2018-07-31 08:17 - 2018-07-31 08:17 - 000042936 _____ C:\ProgramData\agent.1533017853.bdinstall.bin
2018-07-30 14:59 - 2018-07-30 14:59 - 001902968 _____ (Oracle Corporation) C:\Users\Lenovo\Downloads\JavaSetup8u181.exe
2018-07-30 13:37 - 2018-07-30 13:37 - 000001236 _____ C:\Users\Lenovo\Desktop\adwcleaner_7.2.1_www.INSTALKI.pl — skrót .lnk
2018-07-30 13:22 - 2018-07-30 13:22 - 000001216 _____ C:\Users\Lenovo\Documents\cc_20180730_132219.reg
2018-07-29 14:04 - 2018-07-29 14:04 - 000000618 _____ C:\Users\Lenovo\Desktop\SkyLand — skrót .lnk
2018-07-29 12:57 - 2018-07-29 12:57 - 000000814 _____ C:\Users\Lenovo\Documents\cc_20180729_125710.reg
2018-07-23 20:56 - 2018-07-23 20:56 - 000007912 _____ C:\Users\Lenovo\Documents\cc_20180723_205634.reg
2018-07-23 06:52 - 2018-07-23 06:52 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-07-17 20:39 - 2018-07-18 07:54 - 000000000 ____D C:\Users\Lenovo\.VirtualBox
2018-07-17 20:39 - 2018-07-17 20:39 - 000000000 ____D C:\Users\Lenovo\VirtualBox VMs
2018-07-16 12:35 - 2018-07-16 12:35 - 000222864 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2018-07-16 12:35 - 2018-07-16 12:35 - 000213080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2018-07-14 12:33 - 2018-07-14 12:33 - 001099297 _____ C:\Users\Lenovo\Downloads\SkyLand.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-13 08:54 - 2017-03-23 19:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-08-12 17:18 - 2018-06-30 12:02 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\.minecraft
2018-08-12 09:03 - 2018-06-28 08:04 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-08-11 17:27 - 2017-06-19 20:03 - 000001908 _____ C:\Windows\diagwrn.xml
2018-08-11 17:27 - 2017-06-19 20:03 - 000001908 _____ C:\Windows\diagerr.xml
2018-08-11 17:27 - 2017-03-23 20:16 - 000000000 ____D C:\Windows\Panther
2018-08-11 15:14 - 2017-06-02 22:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-08-11 15:13 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-11 15:11 - 2017-03-18 23:01 - 000000000 ____D C:\Windows\INF
2018-08-11 15:08 - 2017-06-02 22:18 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2018-08-11 15:07 - 2017-06-19 19:43 - 000000000 ____D C:\Program Files (x86)\Lenovo
2018-08-11 13:01 - 2017-03-18 13:40 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-08-11 12:50 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\Registration
2018-08-10 20:03 - 2018-04-07 01:25 - 000000000 ____D C:\Users\Lenovo
2018-08-10 20:03 - 2017-03-23 19:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-10 20:02 - 2017-06-19 19:37 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-08-10 20:02 - 2017-03-18 13:40 - 000786432 _____ C:\Windows\system32\config\BBI
2018-08-10 19:34 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\AppReadiness
2018-08-10 19:31 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-10 19:28 - 2018-06-28 10:40 - 000000000 ____D C:\Program Files\rempl
2018-08-10 09:31 - 2018-06-28 08:04 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 09:31 - 2018-06-28 08:04 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-03 13:18 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\LiveKernelReports
2018-08-03 08:29 - 2018-06-28 18:36 - 000000000 ____D C:\Users\Lenovo\Documents\BeamNG.drive
2018-08-01 17:47 - 2018-04-17 04:50 - 000000000 ____D C:\Windows\Minidump
2018-07-31 16:42 - 2018-06-27 19:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-07-31 16:37 - 2017-03-18 23:03 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-07-31 16:37 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2018-07-30 15:04 - 2018-06-28 05:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-07-30 15:04 - 2018-06-28 05:36 - 000000000 ____D C:\Program Files (x86)\Java
2018-07-30 15:02 - 2018-06-28 05:36 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-07-30 07:36 - 2017-03-18 22:51 - 000000000 ____D C:\Windows\CbsTemp
2018-07-29 12:43 - 2017-06-02 22:22 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-07-29 12:43 - 2017-06-02 22:22 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-07-29 12:43 - 2017-06-02 22:22 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-07-29 12:43 - 2017-06-02 22:22 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-07-29 12:42 - 2017-06-02 22:22 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-07-29 12:42 - 2017-06-02 22:22 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-07-27 06:39 - 2018-07-11 10:39 - 000000000 ____D C:\ProgramData\Packages
2018-07-23 20:57 - 2018-06-28 08:21 - 000000000 ____D C:\Program Files (x86)\Steam
2018-07-22 13:32 - 2018-06-28 09:49 - 000000000 ____D C:\Users\Lenovo\Documents\DAVAProject
2018-07-22 09:27 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\rescache
2018-07-19 14:40 - 2018-06-28 07:06 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3252381865-432738924-2588522308-1002
2018-07-19 14:40 - 2018-04-07 02:52 - 000002417 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-19 14:40 - 2018-04-07 02:52 - 000000000 ___RD C:\Users\Lenovo\OneDrive
2018-07-18 19:20 - 2017-06-19 19:46 - 000000000 ____D C:\Windows\System32\Tasks\Lenovo
2018-07-17 18:16 - 2018-06-28 07:29 - 000563832 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-07-16 18:37 - 2018-04-05 06:57 - 000015829 _____ C:\Windows\system32\InstallUtil.InstallLog
2018-07-16 18:30 - 2018-07-12 08:14 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-07-16 18:29 - 2017-03-23 19:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-16 18:27 - 2017-03-23 19:26 - 000383720 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-16 18:25 - 2017-03-19 04:32 - 000000000 ____D C:\Windows\HoloShell
2018-07-16 18:25 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-16 18:25 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\ShellExperiences
2018-07-16 11:34 - 2018-06-28 09:22 - 000885766 _____ C:\Windows\system32\perfh015.dat
2018-07-16 11:34 - 2018-06-28 09:22 - 000178224 _____ C:\Windows\system32\perfc015.dat
2018-07-16 11:34 - 2017-03-23 19:32 - 002329616 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-15 08:51 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\NDF
Some files in TEMP:
====================
2018-07-16 18:30 - 2018-07-16 18:30 - 004346990 _____ (Napisy24.pl ) C:\Users\Lenovo\AppData\Local\Temp\Napisy24.exe
2018-06-28 07:07 - 2018-06-28 07:07 - 022839360 _____ (SweetLabs,Inc.) C:\Users\Lenovo\AppData\Local\Temp\octD5A4.tmp.exe
2018-06-28 17:16 - 2018-06-28 17:16 - 000192512 _____ () C:\Users\Lenovo\AppData\Local\Temp\sfamcc00001.dll
2015-02-10 19:56 - 2015-02-10 19:56 - 000105984 _____ () C:\Users\Lenovo\AppData\Local\Temp\sfextra.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe = & gt; File is digitally signed
C:\Windows\system32\wininit.exe = & gt; File is digitally signed
C:\Windows\explorer.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\explorer.exe = & gt; File is digitally signed
C:\Windows\system32\svchost.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\svchost.exe = & gt; File is digitally signed
C:\Windows\system32\services.exe = & gt; File is digitally signed
C:\Windows\system32\User32.dll = & gt; File is digitally signed
C:\Windows\SysWOW64\User32.dll = & gt; File is digitally signed
C:\Windows\system32\userinit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\userinit.exe = & gt; File is digitally signed
C:\Windows\system32\rpcss.dll = & gt; File is digitally signed
C:\Windows\system32\dnsapi.dll = & gt; File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll = & gt; File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys = & gt; File is digitally signed
LastRegBack: 2018-08-04 21:50
==================== End of FRST.txt ============================