Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19.08.2018 02 Uruchomiony przez Mateusz (administrator) DESKTOP-9P9R4TJ (20-08-2018 20:08:19) Uruchomiony z C:\Users\Mateusz\Desktop Załadowane profile: Mateusz (Dostępne profile: Mateusz) Platform: Windows 10 Pro Wersja 1703 15063.483 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe () C:\Windows\KMS-R@1n.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM-x32\...\Run: [MagicKeyboard] => C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe [151552 2006-05-14] () HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1 HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup HKU\S-1-5-21-529125831-1249548801-1364627780-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-08-10] (Disc Soft Ltd) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.30 Tcpip\..\Interfaces\{ed7f5247-ff0c-417c-99aa-820e5bb8cf6a}: [DhcpNameServer] 192.168.0.30 Internet Explorer: ================== BHO: Brak nazwy -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Windows\system32\OldNewExplorer64.dll [2016-07-26] (www.startisback.com) FireFox: ======== FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-20] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default [2018-08-20] CHR Extension: (Prezentacje) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-20] CHR Extension: (Dokumenty) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-20] CHR Extension: (Dysk Google) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-20] CHR Extension: (YouTube) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-20] CHR Extension: (uBlock Origin) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-08-20] CHR Extension: (Dokumenty Google offline) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-20] CHR Extension: (Gmail) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-20] CHR Extension: (Chrome Media Router) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-20] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3570792 2018-08-10] (Disc Soft Ltd) R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2018-08-20] () [Brak podpisu cyfrowego] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-20] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-20] (Microsoft Corporation) R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin" S3 WiseBootAssistant; C:\BAZA\Wise Care 365\BootTime.exe [X] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 athr; C:\Windows\System32\drivers\athw10x.sys [4321160 2018-08-20] (Qualcomm Atheros Communications, Inc.) S2 DOSMEMIO; C:\Windows\SysWOW64\MEMIO.SYS [4300 2000-08-24] () [Brak podpisu cyfrowego] R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-08-20] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-08-20] (Disc Soft Ltd) S1 kupopxwo; C:\Windows\system32\drivers\kupopxwo.sys [72816 2018-08-20] (Microsoft Corporation) R3 mvyksvc; C:\Windows\System32\drivers\mvykxx.sys [152880 2014-02-06] (Marvell) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-03] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48064 2017-05-03] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-05-03] (NVIDIA Corporation) S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] () U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46584 2018-08-20] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [340008 2018-08-20] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-20] (Microsoft Corporation) S3 ykinw8; C:\Windows\System32\drivers\ykinx64.sys [288768 2017-03-18] (Marvell) U4 dcpsvc; Brak ImagePath U4 DiagTrack; Brak ImagePath U4 IEEtwCollectorService; Brak ImagePath U4 MapsBroker; Brak ImagePath S3 mshidumdf; \SystemRoot\System32\drivers\mshidumdf.sys [X] U4 napagent; Brak ImagePath U4 RetailDemo; Brak ImagePath U4 TimeBroker; Brak ImagePath U4 WbioSrvc; Brak ImagePath U4 WcsPlugInService; Brak ImagePath U4 WPCSvc; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-08-20 20:08 - 2018-08-20 20:09 - 000011162 _____ C:\Users\Mateusz\Desktop\FRST.txt 2018-08-20 20:07 - 2018-08-20 20:08 - 000000000 ____D C:\FRST 2018-08-20 20:05 - 2018-08-20 20:05 - 002413056 _____ (Farbar) C:\Users\Mateusz\Desktop\FRST64.exe 2018-08-20 19:56 - 2018-08-20 19:56 - 000000000 ____D C:\Users\Mateusz\Documents\The Witcher 3 2018-08-20 19:56 - 2018-08-20 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2018-08-20 19:53 - 2018-08-20 19:54 - 000000000 ____D C:\Users\Mateusz\AppData\Local\CrashDumps 2018-08-20 19:20 - 2018-08-20 19:20 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kupopxwo.sys 2018-08-20 19:16 - 2018-08-20 19:16 - 000000096 _____ C:\Users\Mateusz\Desktop\Recenzja Samsung R580-JS02PL - Notebookcheck.pl.url 2018-08-20 19:15 - 2018-08-20 19:15 - 000000121 _____ C:\Users\Mateusz\Desktop\Uzyskaj produkt Samsung Update — sklep Microsoft Store pl-PL.url 2018-08-20 19:15 - 2018-08-20 19:15 - 000000082 _____ C:\Users\Mateusz\Desktop\NP-R580-JS02PL - Wsparcie Samsung Polska.url 2018-08-20 19:12 - 2018-08-20 19:12 - 000000000 ____D C:\ProgramData\Atheros 2018-08-20 19:11 - 2018-08-20 19:11 - 000000000 ____D C:\Users\Mateusz\Downloads\QCA_WLAN_Driver_1.0.0.1 2018-08-20 19:09 - 2018-08-20 19:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-08-20 19:09 - 2018-08-20 19:09 - 000000000 ____D C:\Users\Mateusz\Downloads\MagicKBD_7.0.3.6 2018-08-20 19:09 - 2018-08-20 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Samsung 2018-08-20 19:09 - 2018-08-20 19:09 - 000000000 ____D C:\Program Files\SAMSUNG 2018-08-20 19:09 - 2018-08-20 19:09 - 000000000 ____D C:\Program Files (x86)\SAMSUNG 2018-08-20 19:09 - 2006-05-08 09:44 - 000462848 _____ (SAMSUNG Electronics Co., Ltd.) C:\Windows\SysWOW64\MagicKBD.cpl 2018-08-20 19:09 - 2006-04-17 19:48 - 000001857 _____ C:\Windows\SysWOW64\KBDUU.INI 2018-08-20 19:09 - 2006-03-29 18:44 - 000001697 _____ C:\Windows\SysWOW64\KBDV.INI 2018-08-20 19:09 - 2006-03-20 18:19 - 000001834 _____ C:\Windows\SysWOW64\KBDU.INI 2018-08-20 19:09 - 2005-10-19 18:03 - 000001699 _____ C:\Windows\SysWOW64\KBDT.INI 2018-08-20 19:09 - 2005-10-19 18:02 - 000002699 _____ C:\Windows\SysWOW64\KBDO.INI 2018-08-20 19:09 - 2005-10-19 18:02 - 000002236 _____ C:\Windows\SysWOW64\KBDQ.INI 2018-08-20 19:09 - 2005-10-19 18:02 - 000001885 _____ C:\Windows\SysWOW64\KBDP.INI 2018-08-20 19:09 - 2005-10-19 17:59 - 000001819 _____ C:\Windows\SysWOW64\KBDN.INI 2018-08-20 19:09 - 2005-08-09 16:00 - 000002741 _____ C:\Windows\SysWOW64\KBDD.INI 2018-08-20 19:09 - 2005-08-09 16:00 - 000001956 _____ C:\Windows\SysWOW64\KBDE.INI 2018-08-20 19:09 - 2005-08-09 16:00 - 000001835 _____ C:\Windows\SysWOW64\KBDG.INI 2018-08-20 19:09 - 2005-08-09 16:00 - 000001476 _____ C:\Windows\SysWOW64\KBDF.INI 2018-08-20 19:09 - 2005-08-09 15:59 - 000002699 _____ C:\Windows\SysWOW64\KBDC.INI 2018-08-20 19:09 - 2005-08-09 15:59 - 000002606 _____ C:\Windows\SysWOW64\KBDB.INI 2018-08-20 19:09 - 2005-08-09 15:59 - 000001835 _____ C:\Windows\SysWOW64\KBDA.INI 2018-08-20 19:09 - 2005-03-28 22:41 - 000001522 _____ C:\Windows\SysWOW64\KBDS.INI 2018-08-20 19:09 - 2005-03-28 22:40 - 000003425 _____ C:\Windows\SysWOW64\KBDR.INI 2018-08-20 19:09 - 2000-08-24 01:19 - 000004300 _____ C:\Windows\SysWOW64\MEMIO.SYS 2018-08-20 19:09 - 2000-07-27 18:39 - 000006803 _____ C:\Windows\SysWOW64\MEMIO.VXD 2018-08-20 19:08 - 2018-08-20 19:08 - 002702473 _____ C:\Users\Mateusz\Downloads\MagicKBD_7.0.3.6.zip 2018-08-20 19:07 - 2018-08-20 19:08 - 077761996 _____ C:\Users\Mateusz\Downloads\QCA_WLAN_Driver_1.0.0.1.ZIP 2018-08-20 18:58 - 2018-08-20 18:58 - 000000000 ____D C:\Users\Mateusz\AppData\Local\mpress 2018-08-20 18:57 - 2018-08-20 18:57 - 000026112 _____ C:\Windows\KMS-R@1n.exe 2018-08-20 18:57 - 2018-08-20 18:57 - 000004096 _____ C:\Windows\KMS-R@1nHook.dll 2018-08-20 18:57 - 2018-08-20 18:57 - 000000000 ____D C:\Windows\System32\Tasks\R@1n-KMS 2018-08-20 18:56 - 2018-08-20 18:56 - 000000000 ____D C:\Users\Mateusz\AppData\Local\PeerDistRepub 2018-08-20 18:55 - 2018-08-20 18:55 - 000000000 ____D C:\Program Files\rempl 2018-08-20 18:53 - 2018-08-20 18:55 - 000000000 ____D C:\Windows\system32\MRT 2018-08-20 18:52 - 2018-08-04 02:39 - 000836480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-08-20 18:52 - 2018-08-04 02:39 - 000181120 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-08-20 18:51 - 2018-08-20 18:51 - 002133062 _____ C:\Users\Mateusz\Downloads\re-loaderbyr@1n.zip 2018-08-20 18:49 - 2018-08-20 18:51 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Disc_Soft_Ltd 2018-08-20 18:49 - 2018-08-20 18:49 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2018-08-20 18:45 - 2018-06-27 12:10 - 000131288 _____ (Microsoft Corporation) C:\Windows\system32\osrss.dll 2018-08-20 18:34 - 2018-08-20 18:34 - 000000000 ____D C:\Users\Public\Documents\Catch! 2018-08-20 18:32 - 2018-08-20 18:32 - 000047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2018-08-20 18:31 - 2018-08-20 18:50 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite 2018-08-20 18:31 - 2018-08-20 18:32 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2018-08-20 18:31 - 2018-08-20 18:31 - 000030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2018-08-20 18:30 - 2018-08-20 18:30 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2018-08-20 18:29 - 2018-05-03 09:16 - 000278960 _____ (Microsoft Corporation) C:\Windows\system32\Notifier.exe 2018-08-20 18:23 - 2018-08-20 18:23 - 000791712 _____ (Disc Soft Ltd.) C:\Users\Mateusz\Downloads\DTLiteInstaller.exe 2018-08-20 17:57 - 2018-08-20 17:57 - 002558935 _____ C:\Users\Mateusz\Downloads\win10-10.0.0.341-whql.zip 2018-08-20 17:53 - 2018-08-20 17:53 - 000000000 ____D C:\Windows\system32\Drivers\wd 2018-08-20 17:25 - 2018-08-20 17:25 - 000002259 _____ C:\Windows\epplauncher.mif 2018-08-20 17:24 - 2018-08-20 17:51 - 000002346 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-08-20 17:24 - 2018-08-20 17:24 - 000003568 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2018-08-20 17:24 - 2018-08-20 17:24 - 000003444 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2018-08-20 17:24 - 2018-08-20 17:24 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-08-20 17:23 - 2018-08-20 17:41 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Google 2018-08-20 17:23 - 2018-08-20 17:24 - 000000000 ____D C:\Program Files (x86)\Google 2018-08-20 17:23 - 2018-08-20 17:23 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Deployment 2018-08-20 17:23 - 2018-08-20 17:23 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Apps\2.0 2018-08-20 17:09 - 2018-08-20 17:09 - 001201592 _____ C:\Users\Mateusz\Downloads\Intel_v9501005_by3DP.exe 2018-08-20 17:09 - 2018-08-20 17:09 - 000000000 ____D C:\Intel 2018-08-20 17:06 - 2018-08-20 17:06 - 000000000 ____D C:\Program Files\DIFX 2018-08-20 17:04 - 2016-07-26 01:45 - 004318648 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\SETD1EA.tmp 2018-08-20 17:04 - 2014-02-06 13:10 - 000152880 _____ (Marvell) C:\Windows\system32\Drivers\mvykxx.sys 2018-08-20 17:02 - 2018-08-20 17:09 - 000000000 ____D C:\3DP 2018-08-20 16:59 - 2018-08-20 17:02 - 138991112 _____ C:\Users\Mateusz\Downloads\3DP_Net_v1703.exe 2018-08-20 16:56 - 2018-08-20 16:56 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies 2018-08-20 16:56 - 2016-11-14 13:15 - 006789056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2018-08-20 16:56 - 2016-11-14 13:15 - 003528128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2018-08-20 16:56 - 2016-11-14 13:15 - 002558512 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2018-08-20 16:56 - 2016-11-14 13:15 - 000932728 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2018-08-20 16:56 - 2016-11-14 13:15 - 000384888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2018-08-20 16:56 - 2016-11-14 13:15 - 000062328 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2018-08-20 16:56 - 2016-11-14 11:09 - 007513855 _____ C:\Windows\system32\nvcoproc.bin 2018-08-20 16:55 - 2016-11-14 14:30 - 000082488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2018-08-20 16:55 - 2016-11-14 14:30 - 000067520 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 031523384 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 024208440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 023000000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 018634216 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 017559384 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 016128720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 015301056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 014497712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 013915720 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 013826968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 012905016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2018-08-20 16:54 - 2016-11-14 14:30 - 011270656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 011208312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 004253240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 003995192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 003207824 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 002822568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 001908272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434201.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 001557552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434201.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 001515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 000951232 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 000913856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 000909760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 000876480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 000197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2018-08-20 16:54 - 2016-11-14 14:30 - 000031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2018-08-20 16:54 - 2016-11-14 14:30 - 000026157 _____ C:\Windows\system32\nvinfo.pb 2018-08-20 16:49 - 2018-08-20 16:49 - 000000118 _____ C:\Windows\wininit.ini 2018-08-20 16:48 - 2018-08-20 16:48 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2018-08-20 16:47 - 2018-08-20 17:13 - 000000000 ____D C:\Users\Mateusz\AppData\Local\NVIDIA Corporation 2018-08-20 16:47 - 2018-08-20 16:47 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-20 16:47 - 2018-08-20 16:47 - 000004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-20 16:47 - 2018-08-20 16:47 - 000003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-20 16:47 - 2018-08-20 16:47 - 000001533 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2018-08-20 16:47 - 2018-08-20 16:47 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2018-08-20 16:47 - 2018-08-20 16:47 - 000000000 ____D C:\Windows\system32\SRSLabs 2018-08-20 16:47 - 2018-08-20 16:47 - 000000000 ____D C:\Users\Mateusz\AppData\Local\NVIDIA 2018-08-20 16:47 - 2018-08-20 16:47 - 000000000 ____D C:\Users\Mateusz\AppData\Local\DBG 2018-08-20 16:47 - 2018-08-20 16:47 - 000000000 ____D C:\Users\Mateusz\AppData\Local\CEF 2018-08-20 16:47 - 2018-08-20 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2018-08-20 16:47 - 2018-08-20 16:47 - 000000000 ____D C:\Program Files\Realtek 2018-08-20 16:47 - 2017-05-03 22:16 - 001893312 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2018-08-20 16:47 - 2017-05-03 22:16 - 001755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2018-08-20 16:47 - 2017-05-03 22:16 - 001477056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2018-08-20 16:47 - 2017-05-03 22:16 - 001317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2018-08-20 16:47 - 2017-05-03 22:16 - 000121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2018-08-20 16:46 - 2018-08-20 19:42 - 000000000 ____D C:\ProgramData\Package Cache 2018-08-20 16:46 - 2018-08-20 17:13 - 000000000 ____D C:\ProgramData\NVIDIA 2018-08-20 16:46 - 2018-08-20 16:46 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-20 16:46 - 2018-08-20 16:46 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-20 16:46 - 2018-08-20 16:46 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-20 16:46 - 2018-08-20 16:46 - 000003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-20 16:46 - 2018-08-20 16:46 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-08-20 16:46 - 2017-05-03 22:16 - 000175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2018-08-20 16:46 - 2017-05-03 22:16 - 000143296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2018-08-20 16:46 - 2017-05-03 22:16 - 000057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys 2018-08-20 16:46 - 2017-05-03 22:16 - 000048064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2018-08-20 16:46 - 2017-05-03 21:28 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2018-08-20 16:46 - 2017-05-03 17:41 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2018-08-20 16:45 - 2018-08-20 16:45 - 086191168 _____ (NVIDIA Corporation) C:\Users\Mateusz\Downloads\GeForce_Experience_v3.6.0.74.exe 2018-08-20 16:43 - 2018-08-20 16:43 - 088223144 _____ (NVIDIA Corporation) C:\Users\Mateusz\Downloads\GeForce_Experience_v3.7.0.81.exe 2018-08-20 16:40 - 2018-08-20 16:56 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-08-20 16:40 - 2018-08-20 16:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-08-20 16:39 - 2018-08-20 16:56 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-08-20 16:38 - 2018-08-20 16:38 - 000000000 ____D C:\NVIDIA 2018-08-20 16:36 - 2018-08-20 16:41 - 306673592 _____ (NVIDIA Corporation) C:\Users\Mateusz\Downloads\342.01-desktop-win10-64bit-international.exe 2018-08-20 15:55 - 2018-08-20 16:35 - 000000000 ____D C:\Program Files (x86)\3DP Chip Lite 2018-08-20 15:55 - 2018-08-20 16:32 - 000001121 _____ C:\Users\Mateusz\Desktop\3DP Chip.lnk 2018-08-20 15:55 - 2018-08-20 15:55 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3DP Chip Lite 2018-08-20 15:36 - 2018-08-20 15:36 - 000000000 ____D C:\Users\Mateusz\AppData\LocalLow\Temp 2018-08-20 15:33 - 2018-08-20 17:10 - 000000000 ____D C:\Users\Mateusz 2018-08-20 15:33 - 2018-08-20 15:49 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Packages 2018-08-20 15:33 - 2018-08-20 15:33 - 001048576 _____ C:\Windows\system32\secedit.sdb 2018-08-20 15:33 - 2018-08-20 15:33 - 000016384 _____ C:\Windows\system32\secedit.jfm 2018-08-20 15:33 - 2018-08-20 15:33 - 000000020 ___SH C:\Users\Mateusz\ntuser.ini 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 _SHDL C:\Users\Mateusz\Ustawienia lokalne 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 _SHDL C:\Users\Mateusz\Szablony 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 _SHDL C:\Users\Mateusz\Moje dokumenty 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 _SHDL C:\Users\Mateusz\Menu Start 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 _SHDL C:\Users\Mateusz\Documents\Moje wideo 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 _SHDL C:\Users\Mateusz\Documents\Moje obrazy 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 _SHDL C:\Users\Mateusz\Documents\Moja muzyka 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 _SHDL C:\Users\Mateusz\Dane aplikacji 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 _SHDL C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 _SHDL C:\Users\Mateusz\AppData\Local\Historia 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 _SHDL C:\Users\Mateusz\AppData\Local\Dane aplikacji 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Adobe 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 ____D C:\Users\Mateusz\AppData\Local\VirtualStore 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 ____D C:\Users\Mateusz\AppData\Local\TileDataLayer 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 ____D C:\Users\Mateusz\AppData\Local\StartIsBack 2018-08-20 15:33 - 2018-08-20 15:33 - 000000000 ____D C:\Users\Mateusz\AppData\Local\ConnectedDevicesPlatform 2018-08-20 15:29 - 2018-08-20 15:29 - 000000000 ____D C:\Windows\CSC 2018-08-20 15:25 - 2018-08-20 15:25 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-08-20 18:57 - 2017-07-15 15:18 - 002056600 _____ C:\Windows\system32\PerfStringBackup.INI 2018-08-20 18:57 - 2017-03-20 05:58 - 000925154 _____ C:\Windows\system32\perfh015.dat 2018-08-20 18:57 - 2017-03-20 05:58 - 000189378 _____ C:\Windows\system32\perfc015.dat 2018-08-20 18:52 - 2017-07-12 21:49 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe 2018-08-20 18:52 - 2017-03-18 22:51 - 000000000 ____D C:\Windows\CbsTemp 2018-08-20 18:46 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\PolicyDefinitions 2018-08-20 18:46 - 2017-03-18 13:40 - 000000000 ____D C:\Windows\servicing 2018-08-20 18:34 - 2017-03-18 23:01 - 000000000 ____D C:\Windows\INF 2018-08-20 18:13 - 2017-10-20 10:00 - 004321160 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athw10x.sys 2018-08-20 17:53 - 2017-03-18 23:03 - 000000000 ___RD C:\Program Files\Windows Defender 2018-08-20 17:27 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\NDF 2018-08-20 16:56 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\Help 2018-08-20 16:35 - 2017-07-15 15:27 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2018-08-20 16:24 - 2017-03-18 23:03 - 000028672 _____ C:\Windows\system32\config\BCD-Template 2018-08-20 15:49 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\AppReadiness 2018-08-20 15:33 - 2017-07-15 15:14 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-08-20 15:31 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\rescache 2018-08-20 15:30 - 2017-07-15 18:02 - 000000000 ____D C:\Windows\Setup 2018-08-20 15:30 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-08-20 15:27 - 2017-07-15 16:11 - 000000000 ____D C:\Windows\Panther 2018-08-20 15:27 - 2017-07-15 15:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-08-20 15:26 - 2017-07-15 15:15 - 000002768 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2018-08-20 15:26 - 2017-03-18 13:40 - 000065536 _____ C:\Windows\system32\config\BBI 2018-08-20 15:25 - 2017-07-15 15:30 - 000219384 _____ C:\Windows\system32\FNTCACHE.DAT 2018-08-20 15:25 - 2017-07-15 15:18 - 000002546 _____ C:\Windows\System32\Tasks\StartIsBack health check 2018-08-20 15:25 - 2017-07-15 15:11 - 000000000 ____D C:\Windows\system32\SleepStudy 2018-08-20 15:24 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo testsigning: ==> Ustawiony "Tryb testu". Sprawdź obecność niepodpisanego sterownika <==== UWAGA LastRegBack: 2017-07-15 15:11 ==================== Koniec FRST.txt ============================