JustPaste.it - Share Text & Images the Easy Way

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20.06.2018
Uruchomiony przez Wojtek (administrator) KOMPUTER (23-06-2018 12:00:42)
Uruchomiony z D:\Pobrane
Załadowane profile: Wojtek (Dostępne profile: Wojtek)
Platform: Windows 8.1 Pro (Update) (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(Logixoft) C:\ProgramData\rvlkl\rvlkl.exe
(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2017\HDDC2017Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(SoftPerfect) C:\Program Files\NetWorx\networx.exe
(Singer's Creations) C:\Program Files (x86)\Weather Watcher Live\ww.exe
() C:\Program Files (x86)\Postimage\postimage.exe
(f.lux Software LLC) C:\Users\Wojtek\AppData\Local\FluxSoftware\Flux\flux.exe
(BitTorrent Inc.) C:\Users\Wojtek\AppData\Roaming\uTorrent\uTorrent.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE
(BitTorrent Inc.) C:\Users\Wojtek\AppData\Roaming\uTorrent\updates\3.4.9_42923\utorrentie.exe
(BitTorrent Inc.) C:\Users\Wojtek\AppData\Roaming\uTorrent\updates\3.4.9_42923\utorrentie.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE
(PIXELA CORPORATION) C:\Program Files (x86)\PIXELA\Everio MediaBrowser 4\MBCameraMonitor.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(CyberLink) C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [7678792 2016-05-21] (SoftPerfect)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2208448 2018-03-13] (COMODO)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074600 2016-08-28] (The Eraser Project)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-12-02] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\Windows\SysWOW64\UMonit64.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2016-10-12] ()
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [587480 2018-04-03] ()
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3752768 2018-06-18] (Dropbox, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2756672 2016-03-09] (Dominik Reichl)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2016-05-29] (Wondershare)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2016-06-04] (Apple Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [80896 2017-07-13] ()
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-22] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [3029480 2018-05-09] (Sony Corporation)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2018-04-03] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4630496 2018-04-03] ()
HKLM Group Policy restriction on software: C:\Users\*.exe <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.xlsx*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.pub*.com <==== UWAGA
HKLM Group Policy restriction on software: *.rtf*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <==== UWAGA
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <==== UWAGA
HKLM Group Policy restriction on software: *.zip*.scr <==== UWAGA
HKLM Group Policy restriction on software: lsassw86s.exe <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.docx*.pif <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <==== UWAGA
HKLM Group Policy restriction on software: *.png*.scr <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <==== UWAGA
HKLM Group Policy restriction on software: C:\Users\*.scr <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <==== UWAGA
HKLM Group Policy restriction on software: *.pptx*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.bmp*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.rtf*.bat <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.rar*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.docx*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.doc*.pif <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.wmv*.js <==== UWAGA
HKLM Group Policy restriction on software: *.jpg*.bat <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.pub*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.zip*.com <==== UWAGA
HKLM Group Policy restriction on software: *.mp4*.scr <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\*.js <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <==== UWAGA
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.zip*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.ppt*.bat <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.divx*.com <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.ppt*.js <==== UWAGA
HKLM Group Policy restriction on software: *.rtf*.js <==== UWAGA
HKLM Group Policy restriction on software: *.gif*.pif <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <==== UWAGA
HKLM Group Policy restriction on software: *.gif*.com <==== UWAGA
HKLM Group Policy restriction on software: cipher.exe <==== UWAGA
HKLM Group Policy restriction on software: *.rtf*.pif <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.avi*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.doc*.js <==== UWAGA
HKLM Group Policy restriction on software: *.wma*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.jpeg*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.wma*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.wma*.js <==== UWAGA
HKLM Group Policy restriction on software: *.gif*.js <==== UWAGA
HKLM Group Policy restriction on software: *.bmp*.js <==== UWAGA
HKLM Group Policy restriction on software: C:\Users\*.js <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\*.js <==== UWAGA
HKLM Group Policy restriction on software: *.xls*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.rtf*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.pdf*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.pdf*.com <==== UWAGA
HKLM Group Policy restriction on software: *.doc*.scr <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.wma*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.txt*.exe <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <==== UWAGA
HKLM Group Policy restriction on software: *.avi*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.doc*.bat <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*\*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.bmp*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.rar*.js <==== UWAGA
HKLM Group Policy restriction on software: *.doc*.com <==== UWAGA
HKLM Group Policy restriction on software: *.wmv*.pif <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*.com <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*\*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.doc*.exe <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.rar*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.pptx*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.wav*.com <==== UWAGA
HKLM Group Policy restriction on software: *.wav*.js <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.ppt*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.zip*.pif <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <==== UWAGA
HKLM Group Policy restriction on software: *.mp4*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.gif*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.xls*.com <==== UWAGA
HKLM Group Policy restriction on software: *.divx*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.bmp*.jse <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.pptx*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.rtf*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.gif*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.wav*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.jpg*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.7z*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.txt*.cmd <==== UWAGA
HKLM Group Policy restriction on software: vssadmin.exe <==== UWAGA
HKLM Group Policy restriction on software: *.pptx*.bat <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.mp3*.js <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== UWAGA
HKLM Group Policy restriction on software: *.png*.exe <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\*.pif <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*.js <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <==== UWAGA
HKLM Group Policy restriction on software: scsvserv.exe <==== UWAGA
HKLM Group Policy restriction on software: *.divx*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.xls*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.wmv*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.rar*.exe <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\*.bat <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*\*.js <==== UWAGA
HKLM Group Policy restriction on software: *.mp3*.pif <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*.bat <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <==== UWAGA
HKLM Group Policy restriction on software: *.pub*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.pub*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.rar*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.jpeg*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.docx*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.7z*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.mp4*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.rtf*.com <==== UWAGA
HKLM Group Policy restriction on software: *.bmp*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.pdf*.js <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.jpg*.js <==== UWAGA
HKLM Group Policy restriction on software: *.wma*.com <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.avi*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.jpg*.com <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== UWAGA
HKLM Group Policy restriction on software: *.mp4*.js <==== UWAGA
HKLM Group Policy restriction on software: *.7z*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.wav*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.avi*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.pdf*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.avi*.com <==== UWAGA
HKLM Group Policy restriction on software: *.jpg*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.mp3*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.jpeg*.exe <==== UWAGA
HKLM Group Policy restriction on software: ** <==== UWAGA
HKLM Group Policy restriction on software: *.docx*.js <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.pdf*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.xls*.bat <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.xls*.pif <==== UWAGA
HKLM Group Policy restriction on software: lsassvrtdbks.exe <==== UWAGA
HKLM Group Policy restriction on software: *.ppt*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.jpg*.scr <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.jpeg*.com <==== UWAGA
HKLM Group Policy restriction on software: *.docx*.com <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.wav*.bat <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*\*.exe <==== UWAGA
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.mp3*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.ppt*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.png*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.pub*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.pptx*.js <==== UWAGA
HKLM Group Policy restriction on software: *.mp4*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.mp3*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.mp3*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.divx*.bat <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.pdf*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.rar*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.jpg*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.7z*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.jpg*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.txt*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.jpeg*.js <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.wma*.scr <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.zip*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.divx*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.pptx*.com <==== UWAGA
HKLM Group Policy restriction on software: *.7z*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.xlsx*.jse <==== UWAGA
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.zip*.js <==== UWAGA
HKLM Group Policy restriction on software: *.divx*.js <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.xlsx*.com <==== UWAGA
HKLM Group Policy restriction on software: C:\Users\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <==== UWAGA
HKLM Group Policy restriction on software: *.txt*.com <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\*.jse <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <==== UWAGA
HKLM Group Policy restriction on software: *.png*.pif <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.zip*.cmd <==== UWAGA
HKLM Group Policy restriction on software: C:\Users\*.pif <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.ppt*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.wmv*.com <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.bmp*.pif <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*\*.com <==== UWAGA
HKLM Group Policy restriction on software: *.wav*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.avi*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.wmv*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.txt*.js <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.mp3*.com <==== UWAGA
HKLM Group Policy restriction on software: *.gif*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.wmv*.jse <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <==== UWAGA
HKLM Group Policy restriction on software: *.wmv*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.zip*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.ppt*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.gif*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.pdf*.scr <==== UWAGA
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <==== UWAGA
HKLM Group Policy restriction on software: %allusersprofile%\*.com <==== UWAGA
HKLM Group Policy restriction on software: *.mp4*.com <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: C:\Users\*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.pub*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.rtf*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.xlsx*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.docx*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.divx*.cmd <==== UWAGA
HKLM Group Policy restriction on software: C:\Users\*.bat <==== UWAGA
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*\*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.txt*.jse <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.wav*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.jpeg*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.wma*.bat <==== UWAGA
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <==== UWAGA
HKLM Group Policy restriction on software: *.doc*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.docx*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.txt*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.xls*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.pptx*.jse <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\*.com <==== UWAGA
HKLM Group Policy restriction on software: *.7z*.com <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.mp4*.bat <==== UWAGA
HKLM Group Policy restriction on software: syskey.exe <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\*.com <==== UWAGA
HKLM Group Policy restriction on software: *.gif*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.xls*.js <==== UWAGA
HKLM Group Policy restriction on software: *.png*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.pdf*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.png*.com <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.jpeg*.pif <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.xlsx*.js <==== UWAGA
HKLM Group Policy restriction on software: *.7z*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.mp4*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.jpeg*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.wmv*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.png*.bat <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.bmp*.com <==== UWAGA
HKLM Group Policy restriction on software: %allusersprofile%\*.js <==== UWAGA
HKLM Group Policy restriction on software: *.rar*.com <==== UWAGA
HKLM Group Policy restriction on software: *.mp3*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.wma*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.wav*.jse <==== UWAGA
HKLM Group Policy restriction on software: *.7z*.js <==== UWAGA
HKLM Group Policy restriction on software: *.pub*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.pub*.js <==== UWAGA
HKLM Group Policy restriction on software: *:\$Recycle.Bin <==== UWAGA
HKLM Group Policy restriction on software: *.ppt*.com <==== UWAGA
HKLM Group Policy restriction on software: %appdata%\*\*.pif <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <==== UWAGA
HKLM Group Policy restriction on software: *.png*.js <==== UWAGA
HKLM Group Policy restriction on software: *.divx*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.xlsx*.cmd <==== UWAGA
HKLM Group Policy restriction on software: *.xlsx*.bat <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.rar*.bat <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <==== UWAGA
HKLM Group Policy restriction on software: *.doc*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <==== UWAGA
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <==== UWAGA
HKLM Group Policy restriction on software: *.docx*.exe <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <==== UWAGA
HKLM Group Policy restriction on software: *.avi*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.bmp*.bat <==== UWAGA
HKLM Group Policy restriction on software: %programdata%\*.bat <==== UWAGA
HKLM Group Policy restriction on software: *.xls*.exe <==== UWAGA
HKLM Group Policy restriction on software: *.txt*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.pptx*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.xlsx*.scr <==== UWAGA
HKLM Group Policy restriction on software: *.avi*.js <==== UWAGA
HKLM Group Policy restriction on software: %userprofile%\*.jse <==== UWAGA
HKLM\...\Policies\Explorer\Run: [Adobe Flash Player] => C:\ProgramData\Adobe\adobe_flash_player.exe
HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\Run: [WeatherWatcherLive] => C:\Program Files (x86)\Weather Watcher Live\ww.exe [2335728 2016-04-19] (Singer's Creations)
HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\Run: [Postimage] => C:\Program Files (x86)\Postimage\postimage.exe [16306936 2016-05-09] ()
HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\Run: [MinerGateGui] => C:\Program Files\MinerGate\minergate.exe [19334144 2016-09-23] ()
HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\Run: [f.lux] => C:\Users\Wojtek\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\Run: [Spotify Web Helper] => C:\Users\Wojtek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-19] (Spotify Ltd)
HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\Run: [uTorrent] => C:\Users\Wojtek\AppData\Roaming\uTorrent\uTorrent.exe [2145472 2016-11-23] (BitTorrent Inc.)
HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\MountPoints2: {5d48391d-62b9-11e6-8310-d43d7eb4cec0} - "G:\AutoRun.exe"
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor 4.lnk [2016-11-17]
ShortcutTarget: Device Monitor 4.lnk -> C:\Program Files (x86)\PIXELA\Everio MediaBrowser 4\MBCameraMonitor.exe (PIXELA CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk [2018-01-12]
ShortcutTarget: rvlkl.lnk -> C:\ProgramData\rvlkl\rvlkl.exe (Logixoft)
Startup: C:\Users\Wojtek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Flux.lnk [2016-04-19]
ShortcutTarget: Flux.lnk -> C:\Users\Wojtek\AppData\Local\FluxSoftware\Flux\flux.exe (f.lux Software LLC)
Startup: C:\Users\Wojtek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HDDlife.lnk [2017-02-11]
ShortcutTarget: HDDlife.lnk -> C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifePro.exe (Brak pliku)
GroupPolicy: Ograniczenia ? <==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.55.1
Tcpip\..\Interfaces\{B168D0BC-4EC2-4504-BEF5-62BE78765D01}: [DhcpNameServer] 192.168.55.1

Internet Explorer:
==================
HKU\S-1-5-21-923048533-3789413735-584199739-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://history.google.com/history/
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-12-02] (Oracle Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2016-03-16] (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-12-02] (Oracle Corporation)
DPF: HKLM-x32 {FFA7A955-5A33-42F7-A77B-8E46AE2FAA64} hxxps://www.playmemoriescameraapps.com/portal/PMCA/PMCADownloader.cab

FireFox:
========
FF ProfilePath: C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\q1rus28q.default-1480755546134 [2018-06-23]
FF Homepage: Mozilla\Firefox\Profiles\q1rus28q.default-1480755546134 -> www.google.pl
FF Session Restore: Mozilla\Firefox\Profiles\q1rus28q.default-1480755546134 -> [funkcja włączona]
FF Extension: (Flash Video Downloader) - C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\q1rus28q.default-1480755546134\Extensions\artur.dubovoy@gmail.com.xpi [2018-04-03]
FF Extension: (Video DownloadHelper) - C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\q1rus28q.default-1480755546134\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-06-12]
FF Extension: (Adblock Plus) - C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\q1rus28q.default-1480755546134\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-21]
FF HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension
FF Extension: (Free Download Manager extension) - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2017-02-01] [Przestarzałe]
FF HKU\S-1-5-21-923048533-3789413735-584199739-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => nie znaleziono
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-11-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-11-03] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @IPC/npmedia3.0.0.1,version=3.0.0.1 -> C:\Program Files\webrec\Torch\3.0.0.1\npmedia3.0.0.1.dll [2013-11-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-12-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-12-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-05-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-05-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\npPMCADownloader.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderHelper.exe [2016-07-03] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderLib.dll [2012-10-17] (Sony Network Entertainment International LLC)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=187
CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=187","\r\n"
CHR DefaultSearchKeyword: Default -> bm
CHR Session Restore: Default -> [funkcja włączona]
CHR Profile: C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default [2018-06-23]
CHR Extension: (Prezentacje) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Bitford) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\agjcpjkkccmhfopfciohkkfolnjbbdoh [2018-01-26]
CHR Extension: (Przelewy24) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiicmmpkicnndkhlnnloilpgncbpkbjj [2017-10-12]
CHR Extension: (HD for YouTube™) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2018-04-13]
CHR Extension: (Dokumenty) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Dysk Google) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-19]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2018-05-14]
CHR Extension: (YouTube) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-19]
CHR Extension: (Adblock Plus) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-17]
CHR Extension: (Tampermonkey) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-05-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-02]
CHR Extension: (Video Downloader professional) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-04-09]
CHR Extension: (ARC Welder) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2018-02-08]
CHR Extension: (Eliminator Slajdów) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eplekpmdodlgejgogbojajncdlapamff [2017-02-19]
CHR Extension: (Full Page Screen Capture) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2018-06-15]
CHR Extension: (Arkusze) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (AdBlock) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-06-14]
CHR Extension: (Anti-Porn Pro - The best Anti-Porn addon!) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbepadcdhpahlikldbochnhfleejiokp [2017-11-12]
CHR Extension: (eBook Viewer and Converter) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\iioehemmiobfpokcflaihhghfnlhiadb [2018-01-14]
CHR Extension: (History Calendar) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfjhacjjbcdmimjeaakpnlhdcloijcg [2016-07-19]
CHR Extension: (History Eraser App) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjolhjmdgbhebcdnfjhngobjggghoipa [2016-07-15]
CHR Extension: (Video DownloadHelper) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2018-06-23]
CHR Extension: (SPOI Options) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\medeknkggnkeffoahbphecmjoakbpiab [2018-06-23]
CHR Extension: (App Runtime for Chrome (Beta)) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2016-10-26]
CHR Extension: (Sprawdzanie poczty Google) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-04-19]
CHR Extension: (Ghostery – Bloker reklam chroniący prywatność) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-06-02]
CHR Extension: (Minimal Bookmarks Tree) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mohenkbngkbmdlkiemonbgdfgdjacaeb [2018-04-14]
CHR Extension: (Save to Pocket) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2018-04-13]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Click&Clean App) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2018-06-06]
CHR Extension: (Gmail) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-14]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKU\S-1-5-21-923048533-3789413735-584199739-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-923048533-3789413735-584199739-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pkijdmeepjhpenmighhaodgfoogncnlk] - C:\Program Files (x86)\Offline Explorer Pro\mpoe.crx [2016-12-27]

Opera:
=======
OPR Extension: (Video Downloader Prime) - C:\Users\Wojtek\AppData\Roaming\Opera Software\Opera Stable\Extensions\diefijfleiebcgdkmaefbjehgcokpdjl [2018-06-13]
OPR Extension: (HTTPS Everywhere) - C:\Users\Wojtek\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2018-06-22]
OPR Extension: (Popup Blocker (strict)) - C:\Users\Wojtek\AppData\Roaming\Opera Software\Opera Stable\Extensions\jabcemjkhjfpkhakphioakkhcnbgeomm [2018-02-12]
OPR Extension: (TVP.PL Downloader) - C:\Users\Wojtek\AppData\Roaming\Opera Software\Opera Stable\Extensions\lpbhfckilgccpclafjiapbcelgpfmjfa [2017-12-22]
OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\Wojtek\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2017-08-09]
OPR Extension: (Adblock Plus) - C:\Users\Wojtek\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-05-17]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S4 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [2725920 2018-04-03] (Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1218920 2018-04-03] ()
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6096688 2018-06-19] ()
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost S.A.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11395096 2018-03-13] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-03-13] (COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-19] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-06-18] (Dropbox, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-10-12] ()
R2 HDDC2017Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2017\HDDC2017Service.exe [332120 2016-10-14] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-08-23] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2018-04-03] (Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-04-03] (Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1747304 2018-04-03] ()
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [498152 2018-05-09] (Sony Corporation)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2016-05-29] (arvato digital services llc)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-10-20] (CyberLink)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-10-14] (Secunia)
S3 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [837848 2016-10-14] (Secunia)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7003048 2018-04-03] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 Service

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-10-26] (Advanced Micro Devices)
R1 cgnetfilter1521; C:\Windows\System32\drivers\cgnetfilter1521.sys [84768 2017-03-22] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [35360 2018-02-01] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [821752 2018-02-01] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [42080 2018-02-01] (COMODO)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] () [Brak podpisu cyfrowego]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] () [Brak podpisu cyfrowego]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] () [Brak podpisu cyfrowego]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () [Brak podpisu cyfrowego]
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [569392 2018-06-19] (Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [379664 2018-06-19] (Acronis International GmbH)
S3 GeneStor; C:\Windows\system32\DRIVERS\GeneStor.sys [115704 2017-12-02] (GenesysLogic)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-12-02] (REALiX(tm))
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [125200 2018-02-01] (COMODO)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2017-12-02] ()
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2013-02-25] ()
R1 networx; C:\Windows\System32\drivers\networx.sys [72120 2016-05-21] (NetFilterSDK.com)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-03] (Riverbed Technology, Inc.)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2016-12-26] (NVIDIA Corporation)
S3 PortTalk; C:\Windows\SysWOW64\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [Brak podpisu cyfrowego]
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-10-14] (Secunia)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42064 2017-06-15] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1310552 2018-06-19] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [213336 2018-06-19] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [690520 2018-06-19] (Acronis International GmbH)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [196040 2017-10-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [198248 2016-04-19] (IDRIX)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331976 2018-06-19] (Acronis International GmbH)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2018-06-19] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 WinRing0_1_2_0; D:\Programy\RealTemp_370\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
R0 WofAdk; C:\Windows\System32\drivers\wofadk.sys [221888 2015-10-29] (Microsoft Corporation)
S3 CrystalSysInfo; \??\C:\Program Files\MediaCoder12121\SysInfoX64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-06-23 12:00 - 2018-06-23 12:00 - 000000000 ____D C:\FRST
2018-06-21 08:54 - 2018-06-21 08:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-06-21 08:53 - 2018-06-23 11:53 - 000000000 ____D C:\Users\Wojtek\AppData\LocalLow\uTorrent
2018-06-19 18:17 - 2018-06-19 18:17 - 000569392 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_protector.sys
2018-06-19 18:17 - 2018-06-19 18:17 - 000379664 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_tracker.sys
2018-06-19 18:17 - 2018-06-19 18:17 - 000000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2018-06-19 18:16 - 2018-06-19 18:16 - 001310552 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2018-06-19 18:16 - 2018-06-19 18:16 - 000690520 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tnd.sys
2018-06-19 18:16 - 2018-06-19 18:16 - 000372784 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2018-06-19 18:16 - 2018-06-19 18:16 - 000331976 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\virtual_file.sys
2018-06-19 18:16 - 2018-06-19 18:16 - 000243472 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\volume_tracker.sys
2018-06-19 18:16 - 2018-06-19 18:16 - 000213336 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2018-06-19 18:16 - 2018-06-19 18:16 - 000182832 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2018-06-19 18:16 - 2018-06-19 18:16 - 000001211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2018-06-19 18:16 - 2018-06-19 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2018-06-19 18:11 - 2018-06-19 18:11 - 000000000 ____D C:\Program Files (x86)\Acronis
2018-06-19 18:09 - 2018-06-19 18:23 - 000000000 ____D C:\ProgramData\Acronis
2018-06-18 13:22 - 2018-06-18 13:38 - 000000000 ____D C:\Users\Wojtek\Desktop\skany
2018-06-18 12:23 - 2018-06-18 12:23 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-06-18 12:23 - 2018-06-18 12:23 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-06-18 12:23 - 2018-06-18 12:23 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-06-18 12:23 - 2018-06-18 12:23 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-06-13 12:58 - 2018-06-13 12:58 - 000003888 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1477339991
2018-06-06 20:55 - 2018-06-06 20:55 - 000000744 _____ C:\Users\Wojtek\Desktop\MTM — skrót.lnk
2018-06-01 13:06 - 2018-06-23 10:06 - 000000937 _____ C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {37C22584-3B58-45F1-A2A9-1E3C33CD17AD}.job
2018-06-01 13:06 - 2018-06-01 13:06 - 000003968 _____ C:\Windows\System32\Tasks\EPSON XP-243 245 247 Series Update {37C22584-3B58-45F1-A2A9-1E3C33CD17AD}
2018-06-01 13:05 - 2018-06-01 13:05 - 000000000 ____D C:\Program Files\EpsonNet
2018-06-01 12:47 - 2018-06-23 10:47 - 000000937 _____ C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {42D37CFB-7903-4312-B265-5A536DDD601A}.job
2018-06-01 12:47 - 2018-06-01 12:47 - 000003968 _____ C:\Windows\System32\Tasks\EPSON XP-243 245 247 Series Update {42D37CFB-7903-4312-B265-5A536DDD601A}
2018-06-01 12:13 - 2018-06-01 13:03 - 000000000 ____D C:\Users\Wojtek\AppData\Roaming\Epson
2018-06-01 11:59 - 2018-06-23 11:59 - 000000937 _____ C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {67E7DC9F-D4C5-49C7-8ECA-92C25BEBFA9E}.job
2018-06-01 11:59 - 2018-06-01 11:59 - 000003968 _____ C:\Windows\System32\Tasks\EPSON XP-243 245 247 Series Update {67E7DC9F-D4C5-49C7-8ECA-92C25BEBFA9E}
2018-06-01 11:59 - 2018-06-01 11:59 - 000000000 ____D C:\Program Files\Common Files\EPSON
2018-06-01 11:58 - 2018-06-18 21:04 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2018-06-01 11:58 - 2018-06-01 13:04 - 000001157 _____ C:\Users\Public\Desktop\Epson Scan 2.lnk
2018-06-01 11:58 - 2018-06-01 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-06-01 11:58 - 2018-06-01 12:13 - 000000000 ____D C:\Program Files (x86)\epson
2018-06-01 11:58 - 2018-06-01 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-06-01 11:58 - 2016-11-08 12:30 - 000145224 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2018-06-01 11:58 - 2016-10-28 09:53 - 000147472 _____ (TWAIN Working Group) C:\Windows\SysWOW64\twaindsm.dll
2018-06-01 11:58 - 2016-01-18 18:18 - 000474624 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2018-06-01 11:57 - 2015-12-09 04:08 - 000182784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBRFE.DLL
2018-06-01 11:57 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BRFE.DLL
2018-06-01 11:54 - 2018-06-01 13:03 - 000000000 ____D C:\ProgramData\EPSON
2018-06-01 11:54 - 2018-06-01 11:54 - 000003080 _____ C:\Windows\System32\Tasks\{317A0080-3510-4722-ABA0-B0B1D1103BC7}
2018-05-25 11:54 - 2018-06-21 10:54 - 000000133 _____ C:\Users\Wojtek\Desktop\Ok6GV3jN.txt

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-06-23 12:00 - 2016-04-19 20:19 - 000000000 ____D C:\Users\Wojtek\AppData\Roaming\WeatherWatcherLive
2018-06-23 11:58 - 2016-04-21 08:12 - 000000000 ____D C:\Users\Wojtek\AppData\Roaming\uTorrent
2018-06-23 11:50 - 2017-04-19 18:15 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-23 11:50 - 2016-04-19 19:44 - 000001166 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-06-23 11:50 - 2016-04-19 19:43 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-06-23 11:50 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-23 11:49 - 2016-12-03 10:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-23 10:26 - 2016-12-03 10:58 - 000000000 ____D C:\Users\Wojtek\AppData\LocalLow\Mozilla
2018-06-23 10:12 - 2016-04-19 19:44 - 000001170 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-06-23 09:20 - 2016-04-19 19:21 - 000003988 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BBFDD611-DE5E-4960-BFEC-E8FFE137A3AC}
2018-06-22 21:41 - 2017-12-06 20:48 - 000000444 _____ C:\Users\Wojtek\Desktop\listy.txt
2018-06-22 21:38 - 2017-03-31 22:48 - 005582336 ___SH C:\Users\Wojtek\Desktop\Thumbs.db
2018-06-22 21:26 - 2016-04-19 23:18 - 000000000 ____D C:\Users\Wojtek\AppData\Roaming\Free Download Manager
2018-06-22 20:38 - 2018-05-06 20:38 - 000000000 ____D C:\Users\Wojtek\AppData\Roaming\vlc
2018-06-22 17:27 - 2016-04-19 20:32 - 000000000 ____D C:\Users\Wojtek\AppData\Roaming\foobar2000
2018-06-22 15:15 - 2014-11-21 06:46 - 002169092 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-22 15:15 - 2014-11-21 06:07 - 001056886 _____ C:\Windows\system32\perfh015.dat
2018-06-22 15:15 - 2014-11-21 06:07 - 000250674 _____ C:\Windows\system32\perfc015.dat
2018-06-22 15:15 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-06-21 16:17 - 2016-04-19 19:22 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-923048533-3789413735-584199739-1001
2018-06-21 08:54 - 2016-04-19 19:44 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-06-20 12:47 - 2018-01-18 00:18 - 000000000 ____D C:\Program Files\CyberGhost 6
2018-06-19 20:45 - 2016-04-19 20:22 - 000000000 ___RD C:\Users\Wojtek\Desktop\Programy
2018-06-19 18:02 - 2017-11-28 21:09 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2018-06-16 21:28 - 2017-04-23 01:13 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-16 21:28 - 2016-12-03 10:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-06-15 20:29 - 2016-01-31 20:06 - 000000056 _____ C:\Users\Wojtek\Desktop\chromat.txt
2018-06-13 22:13 - 2017-04-23 01:13 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-13 12:58 - 2016-10-24 22:13 - 000000000 ____D C:\Program Files (x86)\Opera
2018-06-13 12:52 - 2018-01-06 21:54 - 000000764 _____ C:\Users\Wojtek\Desktop\chomik.txt
2018-06-13 00:14 - 2016-04-19 19:17 - 000000000 ____D C:\Users\Wojtek
2018-06-10 22:06 - 2016-04-19 19:56 - 000000000 ____D C:\Users\Wojtek\AppData\Roaming\ObviousIdea
2018-06-10 11:44 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-06-09 12:07 - 2016-04-19 20:05 - 000000000 ____D C:\Users\Wojtek\AppData\Roaming\KeePass
2018-06-04 17:43 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-06-01 13:05 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2018-06-01 12:13 - 2016-04-19 19:35 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-31 10:00 - 2017-08-06 16:54 - 000010240 _____ C:\Users\Wojtek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Pliki w katalogu głównym wybranych folderów =======

2014-08-01 13:03 - 2014-08-01 13:03 - 000247136 _____ () C:\ProgramData\DeleteFile.exe
2014-08-01 13:03 - 2014-08-01 13:03 - 000000139 _____ () C:\ProgramData\DelFile.bat
2015-03-26 13:48 - 2015-03-26 13:48 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2017-11-28 20:42 - 2018-02-27 22:36 - 000000132 _____ () C:\Users\Wojtek\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-05-14 13:07 - 2016-05-14 13:51 - 000000621 _____ () C:\Users\Wojtek\AppData\Roaming\KOMPUTER.MTBF.txt
2016-06-02 23:35 - 2016-10-22 09:35 - 000000147 _____ () C:\Users\Wojtek\AppData\Roaming\WB.CFG
2017-08-06 16:54 - 2018-05-31 10:00 - 000010240 _____ () C:\Users\Wojtek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-30 21:16 - 2018-05-12 23:35 - 000007605 _____ () C:\Users\Wojtek\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

BCD (recoveryenabled=No -> recoveryenabled=Yes) <==== pomyślnie przywrócono

LastRegBack: 2018-06-19 08:30

==================== Koniec FRST.txt ============================