Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 11.03.2018 01 Uruchomiony przez pycio (administrator) MACIEK (12-03-2018 22:27:22) Uruchomiony z C:\Users\pycio\Downloads Załadowane profile: defaultuser0 & pycio (Dostępne profile: defaultuser0 & pycio) Platform: Windows 10 Home Wersja 1709 16299.125 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe () C:\Windows\System32\PnkBstrA.exe (Electronic Arts) Z:\GAMES\Origin\OriginWebHelperService.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe () C:\Program Files (x86)\Google\Drive\googledrivesync.exe () C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Kaspersky Lab ZAO) C:\Users\pycio\Downloads\KVRT.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.96_none_2c40cc7f3876f2b7\TiWorker.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2017-12-25] (QIHU 360 SOFTWARE CO. LIMITED) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-02-26] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare) HKLM-x32\...\RunOnce: [{7DAD368B-FB88-46BA-8D68-5823584DABDD}] => cmd.exe /C start /D "C:\Users\pycio\AppData\Local\Temp" /B {7DAD368B-FB88-46BA-8D68-5823584DABDD}.cmd Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-2948902497-3262320950-2415622978-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation) HKU\S-1-5-21-2948902497-3262320950-2415622978-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41100328 2018-01-29] () HKU\S-1-5-21-2948902497-3262320950-2415622978-1001\...\Run: [Gaijin.Net Agent] => C:\Users\pycio\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2116168 2018-01-24] (Gaijin Entertainment) HKU\S-1-5-21-2948902497-3262320950-2415622978-1001\...\Run: [Spotify Web Helper] => C:\Users\pycio\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-02-06] (Spotify Ltd) HKU\S-1-5-21-2948902497-3262320950-2415622978-1001\...\MountPoints2: {0594afcd-fedb-11e7-ad33-3860773cc179} - "F:\OnePlus_setup.exe" /s HKU\S-1-5-21-2948902497-3262320950-2415622978-1001\...\MountPoints2: {740693e3-aa63-11e7-aca3-3860773cc179} - "F:\OnePlus_setup.exe" /s HKU\S-1-5-21-2948902497-3262320950-2415622978-1001\...\MountPoints2: {a113d869-2218-11e8-ad41-3860773cc179} - "F:\OnePlus_setup.exe" /s HKU\S-1-5-21-2948902497-3262320950-2415622978-1001\...\Winlogon: [Shell] C:\Windows\System32\cmd.exe [272896 2017-09-29] (Microsoft Corporation) <==== UWAGA HKU\S-1-5-21-2948902497-3262320950-2415622978-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist "C:\Users\pycio\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" ( start /MIN "" "C:\Users\pycio\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: 127.0.0.1 platform.wondershare.com Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{211694ac-683c-46c0-83b0-755efcb688d6}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{d964631f-4573-49fa-8cf6-71fe40947e14}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-28] (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-02-28] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-02-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-18] (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-02-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-18] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-28] (Microsoft Corporation) Edge: ====== Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2018-02-19] FireFox: ======== FF DefaultProfile: ke8vspdu.default FF ProfilePath: C:\Users\pycio\AppData\Roaming\Mozilla\Firefox\Profiles\ke8vspdu.default [2018-03-12] FF NewTabOverride: Mozilla\Firefox\Profiles\ke8vspdu.default -> Disabled: uBlock0@raymondhill.net FF Extension: (Enhancer for YouTube™) - C:\Users\pycio\AppData\Roaming\Mozilla\Firefox\Profiles\ke8vspdu.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2018-02-27] FF Extension: (Nazwa) - C:\Users\pycio\AppData\Roaming\Mozilla\Firefox\Profiles\ke8vspdu.default\Extensions\firefox@ghostery.com.xpi [2018-02-27] FF Extension: (uBlock Origin) - C:\Users\pycio\AppData\Roaming\Mozilla\Firefox\Profiles\ke8vspdu.default\Extensions\uBlock0@raymondhill.net.xpi [2018-02-27] FF Extension: (Adblock Plus) - C:\Users\pycio\AppData\Roaming\Mozilla\Firefox\Profiles\ke8vspdu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-02-27] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.pl/ig CHR StartupUrls: Default -> "hxxp://www.google.pl/" CHR NewTab: Default -> Active:"chrome-extension://dbfmnekepjoapopniengjbcpnbljalfg/index.html" CHR DefaultSearchKeyword: Default -> google.pl__ CHR Profile: C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default [2018-03-12] CHR Extension: (Tłumacz Google) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-01] CHR Extension: (Prezentacje) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-01] CHR Extension: (Magic Actions for YouTube™) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2018-03-01] CHR Extension: (BetterTTV) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-03-01] CHR Extension: (Dokumenty) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-01] CHR Extension: (Dysk Google) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-01] CHR Extension: (YouTube) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-01] CHR Extension: (Adblock Plus) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-03-01] CHR Extension: (Infinity Nowa karta) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbfmnekepjoapopniengjbcpnbljalfg [2018-03-07] CHR Extension: (Notifier for Gmail™) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2018-03-01] CHR Extension: (Logitech Smooth Scrolling) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2018-03-01] CHR Extension: (Kalendarz Google) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2018-03-01] CHR Extension: (Arkusze) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-01] CHR Extension: (Dokumenty Google offline) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-01] CHR Extension: (Checker Plus for Google Calendar™) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhggnncdpfibdhinjiegagmopldibha [2018-03-09] CHR Extension: (Disconnect) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2018-03-01] CHR Extension: (DriveTunes) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\labgcacinobdnkfndodfkfeabbjckbnj [2018-03-01] CHR Extension: (Evernote Web) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2018-03-01] CHR Extension: (Mapy Google) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-03-01] CHR Extension: (Morpheon Dark) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-03-01] CHR Extension: (Sprawdzanie poczty Google) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-03-01] CHR Extension: (Ghostery – Bloker reklam chroniący prywatność) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-03-09] CHR Extension: (Downloads) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2018-03-01] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-01] CHR Extension: (Checker Plus for Gmail™) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2018-03-01] CHR Extension: (Picasa) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2018-03-01] CHR Extension: (Gmail) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-01] CHR Extension: (Chrome Media Router) - C:\Users\pycio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-01] CHR HKU\S-1-5-21-2948902497-3262320950-2415622978-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962800 2018-02-22] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-05] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-05] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-02-26] (Dropbox, Inc.) S3 GalaxyClientService; Z:\GOG Galaxy\GalaxyClientService.exe [662600 2018-02-14] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8410184 2018-02-14] (GOG.com) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation) S3 Origin Client Service; Z:\GAMES\Origin\OriginClientService.exe [2159424 2018-03-05] (Electronic Arts) R2 Origin Web Helper Service; Z:\GAMES\Origin\OriginWebHelperService.exe [3028808 2018-03-05] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-08-02] () R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-08-01] () R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [929888 2017-12-25] (QIHU 360 SOFTWARE CO. LIMITED) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [192176 2017-12-25] (360.cn) R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2017-08-01] (360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2017-12-25] (360.cn) R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2017-12-25] (360.cn) S3 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2017-04-21] (360.cn) R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [442544 2017-12-25] (360.cn) U0 52C1530C; C:\WINDOWS\System32\drivers\52C1530C.sys [478392 2018-03-12] (Kaspersky Lab ZAO) R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [210568 2017-12-25] (360.cn) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider) R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider) R1 dvdfabio; C:\WINDOWS\system32\drivers\dvdfabio.sys [12704 2014-08-29] (DVDFab Software) S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [223232 2016-11-25] (Huawei Technologies Co., Ltd.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_048172e9d7cc483d\nvlddmkm.sys [17524720 2018-02-26] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 vdrive; C:\WINDOWS\System32\drivers\vdrive.sys [44960 2014-08-29] (DVDFab Software) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-03-12 22:24 - 2018-03-12 22:24 - 000000002 _____ C:\Users\pycio\Downloads\fwmusfprrvby.txt 2018-03-12 22:23 - 2018-03-12 22:27 - 000021385 _____ C:\Users\pycio\Downloads\FRST.txt 2018-03-12 22:22 - 2018-03-12 22:22 - 000478392 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\52C1530C.sys 2018-03-12 22:22 - 2018-03-12 22:22 - 000085600 ____N (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\66353830.sys 2018-03-12 22:22 - 2018-03-12 22:22 - 000000000 ____D C:\KVRT_Data 2018-03-12 22:20 - 2018-03-12 22:22 - 000000000 ____D C:\AdwCleaner 2018-03-12 22:18 - 2018-03-12 22:18 - 008222496 _____ (Malwarebytes) C:\Users\pycio\Downloads\AdwCleaner.exe 2018-03-12 22:17 - 2018-03-12 22:18 - 069385344 _____ (Malwarebytes ) C:\Users\pycio\Downloads\mb3-setup-consumer-3.4.4.2398-1.0.322-1.0.4310.exe 2018-03-12 22:17 - 2018-03-12 22:17 - 141872936 _____ (Kaspersky Lab ZAO) C:\Users\pycio\Downloads\KVRT.exe 2018-03-12 22:17 - 2018-03-12 22:17 - 004944584 _____ (AO Kaspersky Lab) C:\Users\pycio\Downloads\tdsskiller.exe 2018-03-12 22:17 - 2018-03-12 22:17 - 000496128 _____ C:\Users\pycio\Downloads\SpyHunterCleaner_1.05.exe 2018-03-12 22:16 - 2018-03-12 22:16 - 014178840 _____ (Malwarebytes Corp.) C:\Users\pycio\Downloads\mbar-1.10.3.1001.exe 2018-03-12 22:06 - 2018-03-12 22:27 - 000000000 ____D C:\FRST 2018-03-12 22:05 - 2018-03-12 22:05 - 002402816 _____ (Farbar) C:\Users\pycio\Downloads\FRST64.exe 2018-03-12 22:05 - 2018-03-12 22:05 - 000003073 _____ C:\Users\pycio\Desktop\fixlist.txt 2018-03-12 21:51 - 2018-03-12 22:20 - 000001274 _____ C:\Users\pycio\Desktop\cmd.exe.lnk 2018-03-12 21:42 - 2018-03-12 21:42 - 000000000 ____D C:\WINDOWS\Panther 2018-03-09 22:48 - 2018-03-09 22:48 - 000000000 ____D C:\Users\pycio\Documents\Deluxe Ski Jump 3 2018-03-01 20:30 - 2018-03-01 20:30 - 000002383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-03-01 14:18 - 2018-03-12 21:19 - 000000000 ____D C:\Users\pycio\AppData\Local\Black_Tree_Gaming 2018-03-01 14:18 - 2018-03-01 14:18 - 000000000 ____D C:\Users\pycio\Documents\Nexus Mod Manager 2018-02-28 22:25 - 2018-02-28 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-02-27 22:38 - 2018-02-27 23:04 - 000000000 ____D C:\Users\pycio\AppData\LocalLow\Mozilla 2018-02-27 22:38 - 2018-02-27 22:39 - 000000000 ____D C:\Users\pycio\AppData\Local\Mozilla 2018-02-27 22:38 - 2018-02-27 22:38 - 000000000 ____D C:\Users\pycio\AppData\Roaming\Mozilla 2018-02-27 12:54 - 2018-02-27 12:54 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2018-02-27 12:54 - 2018-02-23 20:28 - 000136536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2018-02-27 12:54 - 2017-12-08 23:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2018-02-27 12:54 - 2017-12-08 23:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2018-02-27 12:54 - 2017-12-08 23:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll 2018-02-27 12:54 - 2017-12-08 23:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe 2018-02-27 12:53 - 2018-02-27 12:54 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2018-02-27 12:51 - 2018-02-26 04:46 - 000997736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2018-02-27 12:51 - 2018-02-26 04:46 - 000949280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2018-02-27 12:51 - 2018-02-26 04:46 - 000625696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2018-02-27 12:51 - 2018-02-26 04:46 - 000516128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 019854816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 016496072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 013571008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 011131688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 004317160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 003717432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 001985384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439101.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 001684000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439101.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 001136944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 001065880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 000749416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2018-02-27 12:51 - 2018-02-26 04:44 - 000608344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2018-02-27 12:51 - 2018-02-26 04:43 - 040277488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2018-02-27 12:51 - 2018-02-26 04:43 - 035188640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2018-02-27 12:51 - 2018-02-26 04:43 - 001345944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2018-02-27 12:51 - 2018-02-26 04:43 - 000902280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2018-02-27 12:51 - 2018-02-26 04:43 - 000811992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2018-02-27 12:51 - 2018-02-26 04:43 - 000650424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2018-02-27 12:51 - 2018-02-26 04:42 - 011000480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2018-02-27 12:51 - 2018-02-26 04:42 - 003938208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2018-02-27 12:51 - 2018-02-26 04:42 - 001061352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2018-02-27 12:51 - 2018-02-25 23:11 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2018-02-26 23:45 - 2018-02-26 23:45 - 000013576 _____ C:\Users\pycio\AppData\Local\recently-used.xbel 2018-02-26 12:24 - 2018-02-26 12:24 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2018-02-26 12:24 - 2018-02-26 12:24 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2018-02-26 12:24 - 2018-02-26 12:24 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2018-02-26 12:24 - 2018-02-26 12:24 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2018-02-22 16:37 - 2018-02-23 10:38 - 000000000 ____D C:\WINDOWS\Minidump 2018-02-19 22:19 - 2018-02-19 22:19 - 000000000 ___HD C:\Users\pycio\MicrosoftEdgeBackups 2018-02-14 23:40 - 2018-02-14 23:40 - 000000000 ____D C:\Users\pycio\AppData\Roaming\RiseOfIndustry 2018-02-14 23:40 - 2018-02-14 23:40 - 000000000 ____D C:\Users\pycio\AppData\LocalLow\Dapper Penguin Studios 2018-02-14 23:37 - 2018-02-14 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rise Of Industry [GOG.com] 2018-02-13 12:46 - 2018-02-13 12:46 - 000000000 ____D C:\Users\pycio\AppData\Roaming\Apoapsis Studios 2018-02-13 12:46 - 2018-02-13 12:46 - 000000000 ____D C:\Users\pycio\AppData\LocalLow\Apoapsis Studios ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-03-12 22:26 - 2017-12-05 12:59 - 002815902 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-03-12 22:26 - 2017-09-30 15:29 - 001308966 _____ C:\WINDOWS\system32\perfh015.dat 2018-03-12 22:26 - 2017-09-30 15:29 - 000308840 _____ C:\WINDOWS\system32\perfc015.dat 2018-03-12 22:20 - 2017-12-05 12:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-03-12 22:20 - 2017-05-29 13:37 - 000000000 ____D C:\Users\pycio\AppData\LocalLow\360WD 2018-03-12 22:20 - 2017-04-19 12:56 - 000000000 ____D C:\ProgramData\NVIDIA 2018-03-12 22:20 - 2017-03-30 10:59 - 000000000 ___RD C:\Users\pycio\Dysk Google 2018-03-12 22:19 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2018-03-12 22:16 - 2017-05-29 13:40 - 000000000 ____D C:\ProgramData\360Quarant 2018-03-12 22:16 - 2017-03-30 11:08 - 000000000 ___RD C:\Users\pycio\Desktop\Programy 2018-03-12 22:16 - 2017-03-30 11:07 - 000000000 ____D C:\Users\pycio\Desktop\GRY 2018-03-12 22:01 - 2017-03-30 10:24 - 000000000 ___RD C:\Users\pycio\OneDrive 2018-03-12 21:59 - 2017-12-05 12:50 - 000000000 ____D C:\Users\pycio 2018-03-12 21:56 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-03-12 21:23 - 2017-04-10 14:55 - 000000000 ____D C:\Games 2018-03-11 16:04 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-03-11 13:47 - 2017-03-30 10:29 - 000000000 ____D C:\Users\pycio\AppData\Local\CrashDumps 2018-03-10 13:26 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-03-10 13:26 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-03-09 21:42 - 2017-12-05 12:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-03-07 21:12 - 2017-12-05 12:50 - 000000000 ____D C:\Users\pycio\AppData\Local\Packages 2018-03-06 15:36 - 2017-12-05 12:55 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2948902497-3262320950-2415622978-1001 2018-03-06 15:36 - 2017-03-30 10:24 - 000002411 _____ C:\Users\pycio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-03-03 00:21 - 2017-10-13 16:45 - 000000000 ____D C:\Users\pycio\AppData\Local\Game Dev Tycoon - Steam 2018-03-02 21:58 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF 2018-03-02 15:04 - 2017-07-19 17:09 - 000000000 __SHD C:\$360Section 2018-03-02 13:07 - 2017-03-30 10:36 - 000000000 ____D C:\ProgramData\Package Cache 2018-03-01 20:30 - 2017-03-30 10:29 - 000000000 ____D C:\Users\pycio\AppData\Local\Google 2018-03-01 20:30 - 2017-03-30 10:29 - 000000000 ____D C:\Program Files (x86)\Google 2018-02-28 22:25 - 2017-12-05 17:46 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-02-28 21:46 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-02-28 21:45 - 2017-06-01 14:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-02-28 21:38 - 2017-12-05 12:55 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2018-02-28 13:05 - 2017-08-30 14:35 - 000003358 _____ C:\Users\pycio\Desktop\OBECNOŚCI.lnk 2018-02-27 22:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-02-27 22:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-02-27 12:57 - 2017-03-30 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2018-02-27 12:55 - 2017-05-29 13:37 - 000000000 _RSHD C:\360SANDBOX 2018-02-27 12:55 - 2017-04-19 12:56 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-02-27 12:07 - 2017-03-30 11:03 - 000000000 ____D C:\Users\pycio\AppData\Local\Adobe 2018-02-26 23:45 - 2017-04-07 13:46 - 000000000 ____D C:\Users\pycio\AppData\Local\gtk-2.0 2018-02-26 23:45 - 2017-03-30 11:32 - 000000000 ____D C:\Users\pycio\.gimp-2.8 2018-02-26 04:43 - 2018-02-04 14:39 - 001153752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2018-02-26 04:42 - 2018-02-04 14:39 - 012966216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2018-02-26 04:42 - 2017-11-22 13:26 - 004630848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2018-02-25 23:11 - 2017-12-21 16:58 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2018-02-25 23:11 - 2017-12-21 16:58 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2018-02-25 18:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-02-25 18:07 - 2017-04-04 22:11 - 000000000 ____D C:\Users\pycio\AppData\Roaming\uTorrent 2018-02-25 17:19 - 2017-03-30 10:44 - 000000000 ____D C:\Users\pycio\AppData\Roaming\vlc 2018-02-24 05:36 - 2017-11-22 13:26 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb 2018-02-23 21:01 - 2017-04-19 12:56 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2018-02-23 20:22 - 2017-04-19 12:56 - 005953096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2018-02-23 20:22 - 2017-04-19 12:56 - 002587992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2018-02-23 20:22 - 2017-04-19 12:56 - 001768008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2018-02-23 20:22 - 2017-04-19 12:56 - 000633984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2018-02-23 20:22 - 2017-04-19 12:56 - 000451144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2018-02-23 20:22 - 2017-04-19 12:56 - 000122896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2018-02-23 20:22 - 2017-04-19 12:56 - 000081752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2018-02-20 17:23 - 2017-03-30 11:25 - 000000000 ____D C:\Users\pycio\AppData\Local\NVIDIA 2018-02-20 17:20 - 2017-05-10 21:54 - 000000000 ____D C:\Users\pycio\AppData\LocalLow\uTorrent 2018-02-20 16:12 - 2017-04-07 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2018-02-20 11:39 - 2017-12-20 10:00 - 000000000 ____D C:\Users\pycio\AppData\Local\PlaceholderTileLogoFolder 2018-02-16 15:48 - 2017-04-19 12:56 - 008083703 _____ C:\WINDOWS\system32\nvcoproc.bin 2018-02-16 15:10 - 2017-03-30 10:24 - 000000000 ____D C:\Users\pycio\AppData\Roaming\Skype 2018-02-15 23:20 - 2017-03-30 11:13 - 000000000 ____D C:\Users\pycio\Documents\The Witcher 3 2018-02-15 12:27 - 2017-04-21 21:16 - 000000000 ____D C:\Users\pycio\AppData\Local\ElevatedDiagnostics 2018-02-13 22:37 - 2017-03-30 10:55 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-02-13 22:35 - 2017-10-10 22:13 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-02-13 22:35 - 2017-03-30 10:55 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-02-13 11:22 - 2017-09-17 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2018-02-12 23:19 - 2018-02-06 15:01 - 000000000 ____D C:\Users\pycio\AppData\Local\Spotify 2018-02-12 22:39 - 2018-02-06 15:01 - 000000000 ____D C:\Users\pycio\AppData\Roaming\Spotify 2018-02-11 21:43 - 2017-12-05 17:50 - 000000000 ___RD C:\Users\pycio\Dropbox ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-04-07 13:10 - 2018-01-21 13:42 - 000000390 _____ () C:\Users\pycio\AppData\Local\kdeglobals 2017-04-07 13:09 - 2018-01-21 13:44 - 000004041 _____ () C:\Users\pycio\AppData\Local\kdenliverc 2018-02-26 23:45 - 2018-02-26 23:45 - 000013576 _____ () C:\Users\pycio\AppData\Local\recently-used.xbel 2017-03-30 12:30 - 2017-03-30 12:30 - 000000017 _____ () C:\Users\pycio\AppData\Local\resmon.resmoncfg 2017-06-14 11:04 - 2017-06-14 11:04 - 000000816 _____ () C:\Users\pycio\AppData\Local\user-places.xbel 2017-06-14 11:04 - 2017-04-07 13:09 - 000000533 _____ () C:\Users\pycio\AppData\Local\user-places.xbel.bak 2017-06-14 11:04 - 2017-06-14 11:04 - 000000000 _____ () C:\Users\pycio\AppData\Local\user-places.xbel.tbcache ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo UWAGA: ==> Nie można uzyskać dostępu do BCD. LastRegBack: 2018-03-06 16:03 ==================== Koniec FRST.txt ============================