Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 02-11-2017
Uruchomiony przez Dom (administrator) DESKTOP-GS2G1UR (07-11-2017 18:04:55)
Uruchomiony z C:\Users\Dom\Downloads
Załadowane profile: Dom (Dostępne profile: Dom)
Platform: Windows 10 Pro Wersja 1703 15063.138 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-08-29] (COMODO)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SERVICE] => [X]
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-1803833564-911489967-1141370572-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-1803833564-911489967-1141370572-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074336 2017-09-27] (Valve Corporation)
HKU\S-1-5-21-1803833564-911489967-1141370572-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [5187648 2017-10-20] (GOG.com)
HKU\S-1-5-21-1803833564-911489967-1141370572-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1803833564-911489967-1141370572-1001\...\MountPoints2: {2058b556-514f-11e7-926d-94de80d5f53a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1803833564-911489967-1141370572-1001\...\MountPoints2: {2666e3b4-5515-11e7-9270-94de80d5f53a} - "E:\HTC_Sync_Manager_PC.exe"
GroupPolicy: Ograniczenia - Chrome <==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ead3e037-d335-4f19-80e0-17a6315727ee}: [NameServer] 82.163.142.8,95.211.158.136
Tcpip\..\Interfaces\{ead3e037-d335-4f19-80e0-17a6315727ee}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 0od8g3s3.default-1509991534018
FF ProfilePath: C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\0od8g3s3.default-1509991534018 [2017-11-07]
FF Homepage: Mozilla\Firefox\Profiles\0od8g3s3.default-1509991534018 -> www.google.pl
FF Extension: (Adblock Plus) - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\0od8g3s3.default-1509991534018\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-06]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default [2017-11-06]
CHR Extension: (Prezentacje) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Dokumenty) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Dysk Google) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-11]
CHR Extension: (YouTube) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-11]
CHR Extension: (Adblock Plus) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-20]
CHR Extension: (Arkusze) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Pulpit zdalny Chrome) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-10-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-04]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-09-01]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-01]
CHR Extension: (Gmail) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-11]
CHR Extension: (Chrome Media Router) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-20]
CHR HKU\S-1-5-21-1803833564-911489967-1141370572-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-06-16] ()
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe [71512 2017-11-02] (Google Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10501616 2017-08-29] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-08-29] (COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-11] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-11-01] (Dropbox, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [536128 2017-10-20] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8256576 2017-10-11] (GOG.com)
R2 hasplms; C:\Windows\system32\hasplms.exe [4574520 2017-02-14] (SafeNet, Inc.)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-02] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002728 2017-11-02] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-19] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 akshasp; C:\Windows\system32\DRIVERS\akshasp.sys [87864 2017-02-14] (SafeNet, Inc.)
S3 akshhl; C:\Windows\system32\DRIVERS\akshhl.sys [86328 2017-02-14] (SafeNet, Inc.)
S3 aksusb; C:\Windows\system32\DRIVERS\aksusb.sys [332088 2017-02-14] (SafeNet, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [40968 2017-08-09] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [827864 2017-08-09] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [50808 2017-08-09] (COMODO)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [1287496 2017-02-14] (SafeNet, Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2017-11-06] ()
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [132904 2017-08-09] (COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-09-19] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 wfcre; C:\Windows\System32\drivers\wfcre.sys [124288 2017-07-04] ()

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-11-07 18:04 - 2017-11-07 18:05 - 000014745 _____ C:\Users\Dom\Downloads\FRST.txt
2017-11-06 21:02 - 2017-11-07 18:04 - 000000000 ____D C:\FRST
2017-11-06 20:59 - 2017-11-06 20:59 - 002403328 _____ (Farbar) C:\Users\Dom\Downloads\FRST64.exe
2017-11-06 19:56 - 2017-11-06 19:56 - 960202180 _____ C:\Windows\MEMORY.DMP
2017-11-06 19:56 - 2017-11-06 19:56 - 000441924 _____ C:\Windows\Minidump\110617-15359-01.dmp
2017-11-06 19:56 - 2017-11-06 19:56 - 000000000 ____D C:\Windows\Minidump
2017-11-06 19:43 - 2017-11-06 19:43 - 000000344 _____ C:\Windows\system32\.crusader
2017-11-06 19:39 - 2017-11-06 19:56 - 000055232 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2017-11-06 19:28 - 2017-11-06 19:28 - 000000000 ____D C:\Users\Dom\Doctor Web
2017-11-06 19:28 - 2017-11-06 19:28 - 000000000 ____D C:\ProgramData\Doctor Web
2017-11-06 19:27 - 2017-11-06 19:27 - 000000000 ____D C:\KVRT_Data
2017-11-06 18:45 - 2017-11-06 18:50 - 000000000 ____D C:\ProgramData\HitmanPro
2017-11-06 18:45 - 2017-11-06 18:45 - 000000000 ____D C:\Program Files\HitmanPro
2017-11-06 18:44 - 2017-11-06 18:44 - 011584088 _____ (SurfRight B.V.) C:\Users\Dom\Downloads\HitmanPro_x64.exe
2017-11-05 22:19 - 2017-11-05 22:19 - 008261584 _____ (Malwarebytes) C:\Users\Dom\Downloads\adwcleaner_7.0.4.0.exe
2017-11-05 21:57 - 2017-11-05 21:57 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-05 21:57 - 2017-11-05 21:57 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-11-05 21:57 - 2017-11-05 21:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-04 19:21 - 2017-11-04 19:21 - 000000000 ____D C:\Users\Dom\AppData\Roaming\Macromedia
2017-11-04 18:55 - 2017-11-04 18:57 - 000000000 ____D C:\Users\Dom\AppData\Local\minergate
2017-11-04 18:55 - 2017-11-04 18:55 - 000003678 _____ C:\Windows\System32\Tasks\OneSystemCare Task
2017-11-04 18:54 - 2017-11-05 21:30 - 000000000 ____D C:\Windows\System32\Tasks\System
2017-11-04 18:49 - 2017-11-04 18:49 - 000000266 __RSH C:\Users\Dom\ntuser.pol
2017-11-04 18:48 - 2017-11-04 18:55 - 000002145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2017-11-04 18:48 - 2017-11-04 18:55 - 000001942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2017-11-04 18:47 - 2017-11-04 18:51 - 000000000 ____D C:\Program Files (x86)\UCBrowser
2017-11-04 18:44 - 2017-11-04 18:44 - 000021598 _____ C:\Windows\System32\Tasks\MJngPdQe2oVw
2017-11-04 18:43 - 2017-11-04 18:43 - 000002700 __RSH C:\ProgramData\ntuser.pol
2017-11-04 18:42 - 2017-11-04 18:42 - 000140800 _____ C:\Users\Dom\AppData\Local\installer.dat
2017-11-04 18:41 - 2017-11-04 20:04 - 000000000 ____D C:\WinSys
2017-11-04 18:41 - 2017-11-04 18:58 - 000000000 ____D C:\Windat
2017-11-04 18:41 - 2017-11-04 18:58 - 000000000 ____D C:\Disk
2017-11-02 20:37 - 2017-11-02 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-01 12:58 - 2017-11-01 12:58 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-11-01 12:58 - 2017-11-01 12:58 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-10-31 18:26 - 2017-10-31 18:26 - 000000779 _____ C:\Users\Dom\Desktop\RM_3d 8 64.lnk
2017-10-27 17:23 - 2017-11-03 15:41 - 000001427 _____ C:\Users\Dom\Desktop\Roblox Player.lnk
2017-10-27 17:23 - 2017-11-03 15:41 - 000001242 _____ C:\Users\Dom\Desktop\Roblox Studio.lnk
2017-10-27 17:23 - 2017-11-03 15:41 - 000000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-10-27 17:23 - 2017-10-27 18:07 - 000000000 ____D C:\Users\Dom\AppData\Local\Roblox
2017-10-27 17:23 - 2017-10-27 17:29 - 000000252 _____ C:\Users\Dom\AppData\LocalLow\rbxcsettings.rbx
2017-10-09 18:57 - 2017-10-09 18:57 - 000000000 ____D C:\Windows\LastGood

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-11-07 18:03 - 2017-06-03 10:13 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2017-11-07 18:02 - 2017-06-06 17:44 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-07 18:00 - 2017-06-03 10:06 - 000000000 ____D C:\Users\Dom\AppData\LocalLow\Mozilla
2017-11-07 16:55 - 2017-06-03 09:35 - 000000000 ____D C:\Users\Dom
2017-11-07 16:55 - 2017-06-03 09:31 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-11-07 09:02 - 2017-06-11 19:59 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-06 22:12 - 2017-06-11 10:25 - 000000000 ____D C:\Users\Dom\Desktop\Gry
2017-11-06 21:16 - 2017-06-11 19:51 - 005450282 _____ C:\Windows\system32\Drivers\fvstore.dat
2017-11-06 21:00 - 2017-06-03 09:38 - 003170188 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-06 21:00 - 2017-04-13 12:19 - 001488066 _____ C:\Windows\system32\perfh015.dat
2017-11-06 21:00 - 2017-04-13 12:19 - 000364014 _____ C:\Windows\system32\perfc015.dat
2017-11-06 20:17 - 2017-06-03 09:31 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-06 20:17 - 2017-03-18 12:40 - 000786432 _____ C:\Windows\system32\config\BBI
2017-11-06 19:37 - 2017-06-11 20:02 - 000000000 ___HD C:\VTRoot
2017-11-06 19:24 - 2017-06-03 17:45 - 000000000 ____D C:\Users\Dom\AppData\Local\CrashDumps
2017-11-06 19:24 - 2017-03-18 22:01 - 000000000 ____D C:\Windows\INF
2017-11-05 22:27 - 2017-06-03 10:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-04 19:48 - 2017-06-13 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com]
2017-11-04 18:55 - 2017-09-25 07:14 - 000000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome
2017-11-04 18:55 - 2017-06-03 17:57 - 000000000 ___RD C:\Users\Dom\Desktop\Programy
2017-11-04 18:54 - 2017-06-11 19:59 - 000000000 ____D C:\Users\Dom\AppData\Local\Google
2017-11-04 18:48 - 2017-06-03 17:36 - 000000000 ____D C:\Program Files\CCleaner
2017-11-04 18:46 - 2017-06-03 17:36 - 000002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-11-04 18:43 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\GroupPolicy
2017-11-04 09:28 - 2017-06-10 22:40 - 000000000 ____D C:\Program Files (x86)\Origin
2017-11-02 20:37 - 2017-06-11 09:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-10-31 20:55 - 2017-06-11 19:51 - 000000000 ____D C:\Cadsis
2017-10-31 18:29 - 2017-09-05 17:07 - 000000000 ____D C:\Users\Dom\.matplotlib
2017-10-31 18:26 - 2017-06-11 20:16 - 000000777 _____ C:\Users\Dom\Desktop\RM_Win 10.lnk
2017-10-31 18:26 - 2017-06-11 20:16 - 000000748 _____ C:\Users\Dom\Desktop\RM_Obc.lnk
2017-10-31 18:26 - 2017-06-11 20:16 - 000000748 _____ C:\Users\Dom\Desktop\PL_Win.lnk
2017-10-31 18:26 - 2017-06-11 20:16 - 000000748 _____ C:\Users\Dom\Desktop\FD_Win.lnk
2017-10-31 18:26 - 2017-06-11 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cadsis
2017-10-29 09:15 - 2017-09-07 20:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-10-20 22:45 - 2017-06-10 11:28 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2017-10-09 20:36 - 2017-06-06 17:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-10-09 18:58 - 2017-06-06 20:24 - 000004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-09 18:58 - 2017-06-06 20:24 - 000003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-09 18:58 - 2017-06-06 17:43 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-10-09 18:57 - 2017-06-06 20:24 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-09 18:57 - 2017-06-06 20:24 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-09 18:57 - 2017-06-06 20:24 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-09 18:57 - 2017-06-06 20:24 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-09 18:57 - 2017-06-06 20:24 - 000003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-09 18:57 - 2017-06-06 20:24 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-09 18:57 - 2017-06-06 17:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation

==================== Pliki w katalogu głównym wybranych folderów =======

2017-11-04 18:42 - 2017-11-04 18:42 - 000140800 _____ () C:\Users\Dom\AppData\Local\installer.dat

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-10-26 18:34

==================== Koniec FRST.txt ============================