Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 23-11-2016 Uruchomiony przez xxxx (administrator) XXX (25-11-2016 17:16:10) Uruchomiony z C:\Users\xxxx\Desktop Załadowane profile: xxxx (Dostępne profile: xxxx) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 9 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (Sony DADC Austria AG.) C:\Windows\SysWOW64\UAService7.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [3005552 2010-12-27] (VIA) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [DLLSuite2016] => C:\Program Files (x86)\DLL Suite\DLLSuite.exe HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: E - E:\autorun.exe HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: F - F:\SETUP.EXE HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: G - G:\Setup.exe HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: H - H:\autorun.exe HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: I - I:\cdstart.exe HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: {3eebb9be-884c-11e5-8194-50e549228df8} - H:\start.exe HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: {4ac3aa81-9aa3-11e5-a253-50e549228df8} - G:\setup.exe HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: {5562c998-730b-11e5-9d65-50e549228df8} - F:\SETUP.EXE HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: {92af5f1c-de51-11e5-92f9-50e549228df8} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: {9929bf33-86e9-11e5-9ae8-50e549228df8} - G:\SETUP.EXE HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: {9b994abd-999a-11e5-8548-50e549228df8} - G:\autorun.exe HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: {9b994abf-999a-11e5-8548-50e549228df8} - H:\setup.exe HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: {a290e570-ada0-11e6-8b1f-50e549228df8} - G:\Setup.exe HKU\S-1-5-21-773405090-3852603061-2223838452-1000\...\MountPoints2: {c79200da-89d2-11e5-8d09-50e549228df8} - J:\start.exe HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku BootExecute: autocheck autochk * sh4native Sh4Removal GroupPolicy: Ograniczenia - Chrome <======= UWAGA GroupPolicyScripts: Ograniczenia <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{BFC666B9-B9D0-463B-A1A2-20EA0AC8DC08}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1452236987&z=1b131ef0d9495c6b9d449e2gcz5w4obo0c6m7efe1q&from=wpm01073&uid=ST1000DM003-1ER162_Z4Y40JXKXXXXZ4Y40JXK HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1452236987&z=1b131ef0d9495c6b9d449e2gcz5w4obo0c6m7efe1q&from=wpm01073&uid=ST1000DM003-1ER162_Z4Y40JXKXXXXZ4Y40JXK HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://yoursites123.com/web?type=ds&ts=1452236987&z=1b131ef0d9495c6b9d449e2gcz5w4obo0c6m7efe1q&from=wpm01073&uid=ST1000DM003-1ER162_Z4Y40JXKXXXXZ4Y40JXK&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://yoursites123.com/web?type=ds&ts=1452236987&z=1b131ef0d9495c6b9d449e2gcz5w4obo0c6m7efe1q&from=wpm01073&uid=ST1000DM003-1ER162_Z4Y40JXKXXXXZ4Y40JXK&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1452236987&z=1b131ef0d9495c6b9d449e2gcz5w4obo0c6m7efe1q&from=wpm01073&uid=ST1000DM003-1ER162_Z4Y40JXKXXXXZ4Y40JXK HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1452236987&z=1b131ef0d9495c6b9d449e2gcz5w4obo0c6m7efe1q&from=wpm01073&uid=ST1000DM003-1ER162_Z4Y40JXKXXXXZ4Y40JXK HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://yoursites123.com/web?type=ds&ts=1452236987&z=1b131ef0d9495c6b9d449e2gcz5w4obo0c6m7efe1q&from=wpm01073&uid=ST1000DM003-1ER162_Z4Y40JXKXXXXZ4Y40JXK&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://yoursites123.com/web?type=ds&ts=1452236987&z=1b131ef0d9495c6b9d449e2gcz5w4obo0c6m7efe1q&from=wpm01073&uid=ST1000DM003-1ER162_Z4Y40JXKXXXXZ4Y40JXK&q={searchTerms} HKU\S-1-5-21-773405090-3852603061-2223838452-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.pl/ HKU\S-1-5-21-773405090-3852603061-2223838452-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp HKU\S-1-5-21-773405090-3852603061-2223838452-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1452236987&z=1b131ef0d9495c6b9d449e2gcz5w4obo0c6m7efe1q&from=wpm01073&uid=ST1000DM003-1ER162_Z4Y40JXKXXXXZ4Y40JXK SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-773405090-3852603061-2223838452-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2011-10-13] () Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-08-22] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-08-22] (McAfee, Inc.) Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2011-10-13] () Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2011-10-13] () Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2011-10-13] () Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-08-22] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-08-22] (McAfee, Inc.) Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2011-10-13] () FireFox: ======== FF DefaultProfile: y6lb0ggi.default FF ProfilePath: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\y6lb0ggi.default [2016-11-23] FF user.js: detected! => C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\y6lb0ggi.default\user.js [2016-02-01] FF NewTab: Mozilla\Firefox\Profiles\y6lb0ggi.default -> hxxp://www.nicesearches.com/search.php?q=keyword&type=hp&ts=1458572825&from=mych123&uid=st1000dm003-1er162_z4y40jxkxxxxz4y40jxk&z=c46d874ce194ffc60a03664gczdw0b3w0m8o2b6w3w FF DefaultSearchEngine: Mozilla\Firefox\Profiles\y6lb0ggi.default -> nice FF SelectedSearchEngine: Mozilla\Firefox\Profiles\y6lb0ggi.default -> nice FF Homepage: Mozilla\Firefox\Profiles\y6lb0ggi.default -> hxxp://www.nicesearches.com/search.php?q=keyword&type=hp&ts=1458572825&from=mych123&uid=st1000dm003-1er162_z4y40jxkxxxxz4y40jxk&z=c46d874ce194ffc60a03664gczdw0b3w0m8o2b6w3w FF NetworkProxy: Mozilla\Firefox\Profiles\y6lb0ggi.default -> type", 0 FF Extension: (xRocket Toolbar) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\y6lb0ggi.default\Extensions\arthurj8283@gmail.com [2016-03-07] [Brak podpisu cyfrowego] FF Extension: (Default NewTab) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\y6lb0ggi.default\Extensions\default_newtabff@gmail.com [2016-01-08] [Brak podpisu cyfrowego] FF Extension: (Customer Promos) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\y6lb0ggi.default\Extensions\{9a83cf71-edcc-4039-8ca4-1258445d5fb2}.xpi [2016-02-01] [Brak podpisu cyfrowego] FF SearchPlugin: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\y6lb0ggi.default\searchplugins\default.xml [2016-03-19] FF SearchPlugin: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\y6lb0ggi.default\searchplugins\yoursites123.xml [2016-01-08] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-11-24] FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\y6lb0ggi.default\extensions\default_newtabff@gmail.com FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\y6lb0ggi.default\extensions\arthurj8283@gmail.com FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] () FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [Brak pliku] FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Sony Corporation) FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BROWSE~1\NPBROW~1.DLL [2011-09-23] (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-20] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems) FF Plugin HKU\S-1-5-21-773405090-3852603061-2223838452-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\xxxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-773405090-3852603061-2223838452-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-03-13] () Chrome: ======= CHR HomePage: Default -> gazeta.allplayer.org/ CHR StartupUrls: Default -> "hxxp://google.pl/" CHR Profile: C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default [2016-11-25] CHR Extension: (Prezentacje Google) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-07] CHR Extension: (Flash Video Downloader) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-11-16] CHR Extension: (Dokumenty Google) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-01] CHR Extension: (Dysk Google) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-01] CHR Extension: (YouTube) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-01] CHR Extension: (Google Search) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-01] CHR Extension: (Video Downloader professional) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-07-22] CHR Extension: (Arkusze Google) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-07] CHR Extension: (McAfee® WebAdvisor) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-11-24] CHR Extension: (Dokumenty Google offline) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Video Downloader Pro) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilppkoakomgpcblpemgbloapenijdcho [2016-10-03] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Video Downloader) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbbjnobglkpbfmpabbgogbnlffkmgbii [2016-10-03] CHR Extension: (Gmail) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-01] CHR Extension: (Chrome Media Router) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-21] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-773405090-3852603061-2223838452-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efhdjkbfpoohkmfaldijcpbnmbpefpkb] - C:\Program Files (x86)\ALLPlayer\AllPlayer.crx [2015-11-27] CHR HKLM-x32\...\Chrome\Extension: [efhdjkbfpoohkmfaldijcpbnmbpefpkb] - C:\Program Files (x86)\ALLPlayer\AllPlayer.crx [2015-11-27] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx Opera: ======= OPR StartupUrls: "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggUJF9ZUQhHRRgQJQpeTA0QEQUOIlpZAxRCRwcQcA4KAF0VEVQFIk0FA1oDB0VXfV5bFElXTwhgNUpMDlQUU2VRL1RXEg==" OPR Session Restore: -> [funkcja włączona] OPR Extension: (Customer Promos) - C:\Users\xxxx\AppData\Roaming\Opera Software\Opera Stable\Extensions\opfeplfoelendhmgnfdjkpnibmbkddjp [2016-02-01] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated) [Brak podpisu cyfrowego] S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) S4 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com) S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1473216 2016-11-17] (Disc Soft Ltd) S4 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] () S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil Participações Ltda) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-08-22] (McAfee, Inc.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation) S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-17] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation) S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506960 2015-12-26] (Sony Corporation) S2 sfrem02; C:\Windows\system32\sfrem02.exe [607352 2006-05-11] (Protection Technology (StarForce)) S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Brak podpisu cyfrowego] R2 UserAccess7; C:\Windows\SysWOW64\UAService7.exe [135168 2016-05-11] (Sony DADC Austria AG.) [Brak podpisu cyfrowego] R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2010-12-22] (VIA Technologies, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2010-12-17] () R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.) S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.) R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-03] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-11-18] (Disc Soft Ltd) R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil Participações Ltda) S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-06-30] (Elex do Brasil Participações Ltda) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.) S2 NetmonDrv; C:\Windows\System32\drivers\netmonDrv.sys [40816 2016-03-03] (Polypower Tech Co Ltd) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation) R0 sfdrv02; C:\Windows\System32\drivers\sfdrv02.sys [74616 2006-09-11] (Protection Technology (StarForce)) R0 sfsync05; C:\Windows\System32\drivers\sfsync05.sys [80768 2006-12-21] (Protection Technology (StarForce)) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2016-08-15] (Duplex Secure Ltd.) U3 abgqe93n; C:\Windows\System32\Drivers\abgqe93n.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder) S3 XLHHardware_1_0; \??\C:\Program Files (x86)\DLL Tool\XLHHardwarex64.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-11-25 17:16 - 2016-11-25 17:16 - 00024309 _____ C:\Users\xxxx\Desktop\FRST.txt 2016-11-25 17:15 - 2016-11-25 17:16 - 00000000 ____D C:\FRST 2016-11-25 17:11 - 2016-11-25 17:11 - 02412032 _____ (Farbar) C:\Users\xxxx\Desktop\FRST64.exe 2016-11-25 16:38 - 2016-11-25 16:38 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\RUNDLL32.EXE 2016-11-25 16:35 - 2016-11-25 16:35 - 00260552 _____ C:\Users\xxxx\Desktop\sfc.txt 2016-11-24 22:21 - 2016-11-24 22:46 - 00000000 ____D C:\Users\xxxx\Desktop\WinVista7_64 2016-11-24 22:20 - 2016-11-24 22:46 - 00000000 ____D C:\Users\xxxx\Desktop\INFUpdate 2016-11-24 22:09 - 2016-11-24 22:09 - 00000000 ____D C:\Users\xxxx\AppData\Local\Microsoft Games 2016-11-24 22:04 - 2016-11-24 22:04 - 00000353 _____ C:\AdwCleaner[S1].txt 2016-11-24 22:03 - 2016-11-24 22:03 - 00002155 _____ C:\AdwCleaner[R3].txt 2016-11-24 21:52 - 2016-11-24 21:53 - 00002095 _____ C:\AdwCleaner[R2].txt 2016-11-24 21:39 - 2016-11-24 21:40 - 00002035 _____ C:\AdwCleaner[R1].txt 2016-11-24 21:21 - 2016-11-24 21:21 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics 2016-11-24 21:20 - 2016-11-25 06:32 - 00000000 ____D C:\Users\Administrator 2016-11-24 21:20 - 2016-11-24 21:21 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 _SHDL C:\Users\Administrator\Ustawienia lokalne 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 _SHDL C:\Users\Administrator\Szablony 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 _SHDL C:\Users\Administrator\Moje dokumenty 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 _SHDL C:\Users\Administrator\Menu Start 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje wideo 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje obrazy 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 _SHDL C:\Users\Administrator\Documents\Moja muzyka 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 _SHDL C:\Users\Administrator\Dane aplikacji 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Historia 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Dane aplikacji 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA 2016-11-24 21:20 - 2016-11-24 21:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google 2016-11-24 21:20 - 2016-03-15 13:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TuneUp Software 2016-11-24 21:20 - 2010-11-21 08:16 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs 2016-11-24 21:11 - 2016-11-24 21:11 - 00000000 ____D C:\Users\xxxx\Documents\Sports Interactive 2016-11-24 21:11 - 2016-11-24 21:11 - 00000000 ____D C:\Users\xxxx\AppData\Local\Sports Interactive 2016-11-24 21:11 - 2016-11-24 21:11 - 00000000 ____D C:\Users\Public\Documents\Sports Interactive 2016-11-24 13:46 - 2016-11-24 13:46 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-11-24 13:46 - 2016-09-16 23:57 - 01364024 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2016-11-24 13:46 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2016-11-24 13:46 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll 2016-11-24 13:46 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2016-11-24 13:46 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe 2016-11-24 13:04 - 2016-11-24 14:10 - 00000000 ____D C:\Program Files (x86)\McAfee 2016-11-24 13:04 - 2016-11-24 13:04 - 00000000 ____D C:\ProgramData\McAfee 2016-11-24 13:04 - 2016-11-24 13:04 - 00000000 ____D C:\Program Files\McAfee 2016-11-24 13:01 - 2016-11-24 13:04 - 00000000 ____D C:\Users\xxxx\AppData\Local\Innovative Solutions 2016-11-24 13:01 - 2016-11-24 13:01 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Innovative Solutions 2016-11-24 12:57 - 2016-11-24 12:57 - 00003000 _____ C:\Windows\System32\Tasks\{AFEC3608-586D-4A94-9CB4-850C004E6001} 2016-11-24 12:55 - 2016-11-24 12:56 - 144591688 _____ (NVIDIA Corporation) C:\Users\xxxx\Desktop\280.26-desktop-win7-winvista-64bit-english-whql.exe 2016-11-24 12:53 - 2016-11-24 12:54 - 155849127 _____ C:\Users\xxxx\Desktop\20541171_ce8e7d7c5512cbf49c8124d59d13b5d2a08b3624.cab 2016-11-24 12:44 - 2016-11-24 12:49 - 316046904 _____ (NVIDIA Corporation) C:\Users\xxxx\Desktop\359.06-desktop-win8-win7-winvista-64bit-international-whql.exe 2016-11-24 12:26 - 2016-11-24 14:08 - 00000000 ____D C:\inetpub 2016-11-24 12:13 - 2016-11-24 22:41 - 00000000 ____D C:\Users\xxxx\AppData\Local\CrashDumps 2016-11-24 12:10 - 2016-11-24 12:10 - 00160864 _____ C:\Windows\ntbtlog.txt 2016-11-24 11:54 - 2011-02-19 23:03 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll 2016-11-24 11:54 - 2011-02-19 00:40 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll 2016-11-24 11:54 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2016-11-24 11:54 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2016-11-24 11:47 - 2016-11-24 11:47 - 00002972 _____ C:\Windows\System32\Tasks\{EAE270AA-1B47-4AE3-AD5F-B276226ADCAC} 2016-11-24 11:44 - 2016-11-24 11:44 - 00002922 _____ C:\Windows\System32\Tasks\{CFAD942F-0D3B-4501-B6EC-05B4622C62D5} 2016-11-24 11:36 - 2016-11-24 11:36 - 00000000 ____D C:\Program Files\Microsoft Games 2016-11-24 11:27 - 2016-11-24 11:27 - 00002946 _____ C:\Windows\System32\Tasks\{FF60A1F0-3D14-48C6-B016-8873CF242784} 2016-11-23 22:44 - 2016-11-23 22:49 - 386237616 _____ (NVIDIA Corporation) C:\Users\xxxx\Desktop\375.95-desktop-win8-win7-64bit-international-whql.exe 2016-11-23 22:36 - 2015-10-01 19:40 - 00161864 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\Drivers\L1C63x64.sys 2016-11-23 22:04 - 2016-11-24 12:31 - 00000000 ____D C:\Program Files (x86)\DevID Agent 2016-11-23 21:55 - 2016-11-23 21:55 - 00000000 ____D C:\NVIDIA 2016-11-23 20:32 - 2016-11-23 20:32 - 00002940 _____ C:\Windows\System32\Tasks\{8B031373-41A2-4942-A18C-6084E7A1E010} 2016-11-23 14:53 - 2016-11-23 15:02 - 860005737 _____ C:\Users\xxxx\Desktop\Harry Potter i Czara Ognia 2005 (lektor) 720p - wideo w cda.pl.mp4 2016-11-23 14:52 - 2016-11-23 15:00 - 757382971 _____ C:\Users\xxxx\Desktop\Harry Potter i Zakon Feniksa 2007 (lektor) 720p - wideo w cda.pl.mp4 2016-11-23 13:32 - 2016-11-23 13:32 - 00000000 __SHD C:\found.014 2016-11-23 13:11 - 2016-11-23 13:22 - 00000356 _____ C:\Windows\Tasks\DriverToolkit Autorun.job 2016-11-23 13:08 - 2016-11-23 13:08 - 00000000 ____D C:\Users\xxxx\AppData\Local\DriverToolkit 2016-11-23 12:52 - 2016-11-23 12:52 - 00000000 ____D C:\Users\xxxx\AppData\Local\ElevatedDiagnostics 2016-11-23 12:22 - 2016-11-23 12:22 - 00003070 _____ C:\Windows\System32\Tasks\{D250FEA2-01CF-45DE-A006-CA91850ED8BC} 2016-11-23 12:22 - 2016-11-23 12:22 - 00003070 _____ C:\Windows\System32\Tasks\{0BCB85F3-88C9-47A8-8A17-C5E1503AE37D} 2016-11-23 12:07 - 2016-11-23 12:07 - 00003144 _____ C:\Windows\System32\Tasks\{70D7E4C2-0025-40A1-A8C3-DC672D753A5C} 2016-11-22 17:12 - 2016-11-22 17:14 - 00000000 ____D C:\Users\xxxx\Desktop\zdjecia 2016-11-22 16:46 - 2016-11-22 16:46 - 00000000 ____D C:\Users\xxxx\AppData\Local\Electronic Arts 2016-11-22 16:44 - 2016-11-24 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts 2016-11-22 16:44 - 2016-11-22 16:44 - 00002267 _____ C:\Users\Public\Desktop\Harry Potter i Książę Półkrwi™.lnk 2016-11-22 16:42 - 2016-11-22 16:42 - 00000000 ____D C:\Program Files (x86)\Electronic Arts 2016-11-22 16:42 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2016-11-22 15:53 - 2016-11-22 15:53 - 00003164 _____ C:\Windows\System32\Tasks\{9CFD0971-171A-4B60-BAB7-9B81A2A09610} 2016-11-22 15:52 - 2016-11-22 15:52 - 00003164 _____ C:\Windows\System32\Tasks\{F52028B5-6462-486D-AE5D-C33E48873065} 2016-11-22 14:43 - 2016-11-22 14:43 - 00002958 _____ C:\Windows\System32\Tasks\{AF9AD4B1-400F-44B3-9411-9BC3CDF4700C} 2016-11-22 12:09 - 2016-11-24 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2016-11-22 12:09 - 2016-11-22 12:09 - 00001112 _____ C:\Users\xxxx\Desktop\EVEREST Home Edition.lnk 2016-11-22 12:09 - 2016-11-22 12:09 - 00000000 ____D C:\Program Files (x86)\Lavalys 2016-11-21 22:46 - 2016-09-16 23:57 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-11-21 22:46 - 2016-09-16 23:57 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-11-21 22:46 - 2016-09-16 08:40 - 07379415 _____ C:\Windows\system32\nvcoproc.bin 2016-11-21 22:43 - 2016-11-17 03:04 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437595.dll 2016-11-21 22:43 - 2016-11-17 03:04 - 01595456 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2016-11-21 22:43 - 2016-11-17 03:04 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437595.dll 2016-11-21 22:43 - 2016-11-17 03:04 - 00212936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2016-11-21 22:43 - 2016-11-17 03:04 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2016-11-21 22:43 - 2016-09-23 22:36 - 00506864 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-11-21 22:26 - 2016-11-21 22:27 - 00000000 ____D C:\Users\xxxx\AppData\Local\NVIDIA 2016-11-21 22:25 - 2016-11-22 22:30 - 00000000 ____D C:\Users\xxxx\AppData\Local\NVIDIA Corporation 2016-11-21 22:25 - 2016-11-21 22:25 - 00003820 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-21 22:25 - 2016-11-21 22:25 - 00003820 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-21 22:25 - 2016-11-21 22:25 - 00003770 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-21 22:25 - 2016-11-21 22:25 - 00003758 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-21 22:25 - 2016-11-21 22:25 - 00003582 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-21 22:25 - 2016-11-21 22:25 - 00003522 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-21 22:25 - 2016-11-21 22:25 - 00001422 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-11-21 22:25 - 2016-11-17 14:42 - 01854400 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2016-11-21 22:25 - 2016-11-17 14:42 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2016-11-21 22:25 - 2016-11-17 14:42 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2016-11-21 22:25 - 2016-11-17 14:42 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2016-11-21 22:25 - 2016-11-17 14:42 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2016-11-21 22:25 - 2016-11-17 01:58 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2016-11-21 22:24 - 2016-11-17 14:42 - 00101824 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-11-21 22:24 - 2016-11-17 14:42 - 00091584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-11-21 22:24 - 2016-11-17 14:42 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-11-21 22:16 - 2016-11-21 22:16 - 00003322 _____ C:\Windows\System32\Tasks\{739428F5-1532-4540-9293-ADC9115DB0D7} 2016-11-21 22:15 - 2016-11-24 22:45 - 00000000 ____D C:\Program Files (x86)\Postal2STP 2016-11-21 15:21 - 2010-11-21 04:24 - 00010752 _____ C:\Users\xxxx\Desktop\shunimpl.dll 2016-11-21 12:44 - 2016-11-21 12:55 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Solvusoft 2016-11-21 12:43 - 2016-11-21 12:53 - 00000000 ____D C:\Users\xxxx\AppData\Local\IIIQF 2016-11-21 12:43 - 2016-11-21 12:44 - 00000000 ____D C:\ProgramData\Solvusoft 2016-11-21 12:40 - 2016-11-21 12:40 - 00132746 _____ C:\Users\xxxx\Documents\cc_20161121_123958.reg 2016-11-20 00:16 - 2016-11-22 15:56 - 00000000 ____D C:\Windows\system32\appmgmt 2016-11-19 23:18 - 2011-05-18 22:18 - 00000000 ____D C:\Users\xxxx\Desktop\Grand Theft Auto II (GTA 2) Portable - [Espera] 2016-11-19 23:12 - 2016-11-24 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Akella 2016-11-19 23:09 - 2016-11-24 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\New Super Mario Forever 2016-11-19 23:09 - 2016-11-19 23:10 - 00000000 ____D C:\Program Files (x86)\New Super Mario Bros 2012 2016-11-19 23:02 - 2016-11-19 23:11 - 773129054 _____ C:\Users\xxxx\Desktop\Harry Potter i Więzień Azkabanu (2004) Dubbing PL - HD 720p - wideo w cda.pl.mp4 2016-11-19 22:59 - 2016-11-19 23:09 - 00000000 _____ C:\Users\xxxx\Desktop\Harry Potter i Kamień Filozoficzny [ Polish DVD HD ] 1080p - wideo w cda.pl.mp4 2016-11-19 20:17 - 2016-11-19 20:17 - 00003232 _____ C:\Windows\System32\Tasks\{6FBC94C0-6BF1-4E64-B937-F64D8A1DC13A} 2016-11-19 20:09 - 2016-11-19 20:09 - 00000000 ____D C:\Users\xxxx\Downloads\postal2_postal2stp_pl 2016-11-19 08:41 - 2016-11-19 08:41 - 00000000 ____D C:\Users\xxxx\Documents\Empire Earth III 2016-11-19 08:41 - 2016-11-19 08:41 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Sierra Entertainment 2016-11-19 08:10 - 2016-11-19 08:10 - 00000000 ____D C:\Program Files (x86)\GOG.com 2016-11-18 23:58 - 2016-11-18 23:58 - 00003068 _____ C:\Windows\System32\Tasks\{2DFDB1FC-065D-45C6-A59A-FE4C942AE776} 2016-11-18 23:57 - 2016-11-24 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2016-11-18 23:57 - 2016-11-24 22:46 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2016-11-18 23:57 - 2016-11-18 23:57 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2016-11-18 23:55 - 2016-11-18 23:55 - 00703024 _____ (Disc Soft Ltd.) C:\Users\xxxx\Desktop\DTLiteInstaller_www.INSTALKI.pl.exe 2016-11-18 23:50 - 2016-11-24 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dance eJay 3 2016-11-18 23:50 - 2016-11-18 23:50 - 00003140 _____ C:\Windows\System32\Tasks\{242EE7D4-CDA5-480E-9BF0-EA500527058A} 2016-11-18 23:49 - 2016-11-18 23:49 - 00000000 ____D C:\eJay 2016-11-18 23:48 - 2001-08-06 17:11 - 00319488 _____ (eJay AG) C:\Windows\SysWOW64\eJ_AviExportDlg.ocx 2016-11-18 23:48 - 2001-07-18 14:59 - 00274432 _____ (eJay) C:\Windows\SysWOW64\ej_equalizer.ocx 2016-11-18 23:48 - 2001-07-10 13:15 - 00270336 _____ (eJay AG) C:\Windows\SysWOW64\Ej_Endstufe2.ocx 2016-11-18 23:48 - 2001-07-06 09:18 - 00307200 _____ C:\Windows\SysWOW64\fxstudio.dll 2016-11-18 23:48 - 2001-06-28 11:37 - 00307200 _____ C:\Windows\SysWOW64\drumpad.dll 2016-11-18 23:48 - 2001-06-28 11:33 - 00274432 _____ C:\Windows\SysWOW64\Animation.dll 2016-11-18 23:48 - 2001-06-27 16:24 - 00311296 _____ (eJay) C:\Windows\SysWOW64\ej_fxstudio.ocx 2016-11-18 23:48 - 2001-04-11 12:27 - 00286720 _____ (eJay AG) C:\Windows\SysWOW64\Ej_AnimOcx2.ocx 2016-11-18 23:48 - 2000-10-23 11:33 - 00100864 _____ (zwei) C:\Windows\SysWOW64\eJ_Explorer.ocx 2016-11-18 23:48 - 2000-09-27 16:01 - 00352256 _____ (SoftShape Development) C:\Windows\SysWOW64\ActiveSkin.ocx 2016-11-18 23:48 - 2000-09-02 00:21 - 00159744 _____ (Dart Communications) C:\Windows\SysWOW64\DartSock.dll 2016-11-18 23:48 - 2000-08-30 13:14 - 00106496 _____ (Dart Communications) C:\Windows\SysWOW64\DartWeb.dll 2016-11-18 23:48 - 2000-05-10 23:15 - 00078085 _____ C:\Windows\SysWOW64\Pattern.dat 2016-11-18 23:48 - 2000-03-29 00:58 - 00280576 _____ C:\Windows\SysWOW64\pxd_kom.dll 2016-11-18 23:48 - 2000-03-28 14:27 - 00075976 _____ C:\Windows\SysWOW64\BASSDEC.dll 2016-11-18 23:48 - 1998-10-15 12:04 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.DLL 2016-11-18 02:46 - 2016-11-18 02:46 - 05052725 _____ C:\Users\xxxx\Desktop\20110310014.mp4 2016-11-17 21:30 - 2016-11-17 21:30 - 00000000 ____D C:\Users\xxxx\Desktop\Dudek P56 - Progres 56 2016-11-17 06:17 - 2016-11-22 14:21 - 00000000 ____D C:\Users\xxxx\Desktop\hot spot 2016-11-17 06:14 - 2016-11-17 06:15 - 00000000 _____ C:\Users\xxxx\Desktop\Hot Spot nowy Admirał.rar 2016-11-16 23:17 - 2016-11-16 23:17 - 00000000 __SHD C:\found.013 2016-11-11 04:01 - 2016-11-11 04:01 - 16821120 _____ C:\Users\xxxx\Desktop\Okrutni latynosi - Sadistic.pl.mp4 2016-11-09 23:32 - 2010-01-01 00:06 - 00000000 ____D C:\Users\xxxx\Desktop\2017 2016-10-30 03:10 - 2016-11-24 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Droga do Eldorado 2016-10-30 03:10 - 2016-10-30 03:10 - 00002156 _____ C:\Users\xxxx\Desktop\ElDorado.lnk 2016-10-30 03:10 - 2016-10-30 03:10 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Droga do Eldorado 2016-10-30 03:09 - 2016-10-30 03:21 - 00000000 ____D C:\Program Files (x86)\Droga do Eldorado 2016-10-29 12:32 - 2016-10-29 12:42 - 726423552 _____ C:\Users\xxxx\Desktop\Złoto i Chwała׃ Droga do El Dorado ᴾᴸ.iso 2016-10-29 10:57 - 2016-10-29 11:34 - 3250253824 _____ C:\Users\xxxx\Downloads\Noc oczyszczenia Czas wyboru [2016] PLSUBBED.720p.BRRiP.XViD.AC3-MX(1).avi ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-11-25 16:56 - 2015-10-23 07:48 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-11-25 16:29 - 2016-08-20 22:18 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-25 14:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-11-25 13:29 - 2011-04-13 16:34 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2016-11-25 13:29 - 2009-07-14 00:32 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscat32.dll 2016-11-25 13:29 - 2009-07-14 00:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimtf.dll 2016-11-25 13:29 - 2009-07-14 00:11 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp60.dll 2016-11-25 12:20 - 2009-07-14 05:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-11-25 12:20 - 2009-07-14 05:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-11-25 12:13 - 2016-08-20 22:18 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-25 12:13 - 2015-10-13 19:02 - 00000000 ____D C:\ProgramData\NVIDIA 2016-11-25 12:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-11-25 06:32 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV 2016-11-24 22:48 - 2016-08-15 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% 2016-11-24 22:48 - 2016-04-24 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emergency 3 2016-11-24 22:48 - 2016-02-28 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Cam Movie Creator and PlayMemories Home 2016-11-24 22:48 - 2015-10-16 08:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer 2016-11-24 22:48 - 2015-10-13 18:28 - 00000000 ____D C:\Users\xxxx 2016-11-24 22:47 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-11-24 22:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-11-24 22:46 - 2016-10-09 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-11-24 22:46 - 2016-10-09 13:31 - 00000000 ____D C:\Program Files (x86)\Steam 2016-11-24 22:46 - 2016-05-09 02:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer 2016-11-24 22:46 - 2016-03-20 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fishsim2 2016-11-24 22:46 - 2016-03-19 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JR2WS 2016-11-24 22:46 - 2016-02-05 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE 2016-11-24 22:46 - 2015-12-15 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016-11-24 22:46 - 2015-12-13 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hooligans 2016-11-24 22:46 - 2015-11-27 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Napisy24 2016-11-24 22:46 - 2015-11-21 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2016-11-24 22:46 - 2015-11-20 11:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2016-11-24 22:46 - 2015-11-11 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-11-24 22:46 - 2015-10-21 09:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-11-24 22:46 - 2015-10-19 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2016-11-24 22:46 - 2015-10-15 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-11-24 22:46 - 2015-10-15 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit) 2016-11-24 22:46 - 2015-10-13 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-11-24 22:46 - 2015-10-13 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE 2016-11-24 22:46 - 2010-01-01 05:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Spot beta 2016-11-24 22:46 - 2009-12-31 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspyr 2016-11-24 22:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2016-11-24 22:45 - 2016-05-11 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra 2016-11-24 22:45 - 2016-01-05 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kolekcja Klasyki 2016-11-24 22:45 - 2015-11-11 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2016-11-24 22:45 - 2015-11-06 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games 2016-11-24 22:30 - 2015-10-13 18:36 - 00000000 ____D C:\Program Files (x86)\Intel 2016-11-24 21:27 - 2015-10-15 18:11 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\BitComet 2016-11-24 14:10 - 2011-02-04 18:38 - 00687348 _____ C:\Windows\system32\perfh015.dat 2016-11-24 14:10 - 2011-02-04 18:38 - 00010584 _____ C:\Windows\system32\perfc015.dat 2016-11-24 14:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv 2016-11-24 14:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\inetsrv 2016-11-24 12:36 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-11-24 12:34 - 2015-10-13 18:36 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\DeviceVm 2016-11-24 12:33 - 2015-10-13 18:41 - 00000000 ____D C:\ProgramData\DeviceVM 2016-11-24 12:32 - 2015-12-15 21:13 - 00000000 ____D C:\Program Files (x86)\Nero 2016-11-24 12:31 - 2015-11-20 11:14 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile 2016-11-24 12:31 - 2015-11-20 11:13 - 00000000 ____D C:\Program Files (x86)\Sony Mobile 2016-11-24 12:30 - 2016-01-08 08:10 - 00000000 ____D C:\Program Files (x86)\WinZipper 2016-11-24 12:30 - 2015-10-15 18:26 - 00000000 ____D C:\Program Files (x86)\Opera 2016-11-24 12:18 - 2016-03-02 22:22 - 01400162 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-11-24 12:18 - 2009-07-14 06:13 - 01400162 _____ C:\Windows\system32\PerfStringBackup.INI 2016-11-24 12:10 - 2009-07-14 05:45 - 00274840 _____ C:\Windows\system32\FNTCACHE.DAT 2016-11-24 11:41 - 2015-10-21 09:38 - 00000000 ____D C:\ProgramData\Oracle 2016-11-24 11:41 - 2015-10-21 09:38 - 00000000 ____D C:\Program Files (x86)\Java 2016-11-24 11:40 - 2015-10-21 09:39 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-11-24 11:40 - 2015-10-13 19:44 - 00057560 _____ C:\Users\xxxx\AppData\Local\GDIPFONTCACHEV1.DAT 2016-11-24 11:38 - 2016-02-06 14:16 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-11-24 11:38 - 2016-02-06 14:13 - 00000000 ____D C:\ProgramData\Adobe 2016-11-24 11:19 - 2015-10-13 19:03 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2016-11-23 21:39 - 2016-03-27 09:17 - 00000000 ____D C:\GOG Games 2016-11-23 20:40 - 2016-02-02 16:57 - 00000000 ____D C:\ProgramData\Package Cache 2016-11-22 15:56 - 2015-10-14 07:15 - 00000000 ____D C:\Users\xxxx\AppData\Local\KogamaLauncher-WWW 2016-11-22 15:54 - 2015-12-12 14:22 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-11-22 15:52 - 2010-01-01 05:53 - 00000000 ____D C:\Program Files (x86)\Virtual Spot 2016-11-21 22:46 - 2015-10-13 19:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-11-21 22:46 - 2015-10-13 19:00 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-11-21 22:40 - 2015-10-13 19:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-11-21 15:33 - 2015-10-14 09:49 - 00000000 ____D C:\Users\xxxx\Desktop\Zizi 2016-11-21 12:49 - 2015-11-14 15:27 - 00000000 ____D C:\Users\xxxx\Desktop\Grand Theft Auto IV 2016-11-20 00:50 - 2015-12-03 12:30 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\DAEMON Tools Lite 2016-11-20 00:50 - 2015-11-21 11:02 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\PhotoScape 2016-11-20 00:49 - 2015-12-15 23:53 - 00000000 ____D C:\Windows\Minidump 2016-11-20 00:49 - 2015-10-13 19:20 - 00000000 ____D C:\Windows\Panther 2016-11-19 23:53 - 2015-12-12 15:33 - 00000000 ____D C:\Users\xxxx\Downloads\Audacity-2.0.2- -Lame_enc.dll 2016-11-19 08:07 - 2016-02-20 00:14 - 00000000 ____D C:\Program Files (x86)\ElfBot NG 2016-11-19 07:58 - 2016-08-15 23:18 - 00000124 _____ C:\Users\xxxx\Documents\ax_files.xml 2016-11-17 03:04 - 2015-10-13 19:01 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2016-11-17 03:04 - 2015-10-13 19:01 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2016-11-17 00:11 - 2016-08-14 03:38 - 00000000 ___RD C:\Users\xxxx\Desktop\WSZYSTKO Z PULPITU 2016-11-15 00:30 - 2016-08-20 22:18 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-15 00:30 - 2016-08-20 22:18 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-10-31 00:41 - 2015-10-14 09:25 - 00000000 ____D C:\Users\xxxx\AppData\Local\Google 2016-10-26 16:29 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-01-16 11:25 - 2016-01-18 15:48 - 0000095 _____ () C:\Users\xxxx\AppData\Roaming\LauncherSettings_live.cfg 2016-01-17 14:31 - 2016-01-17 14:31 - 0010497 _____ () C:\Users\xxxx\AppData\Roaming\TheHunterSettings_live.bin 2016-01-16 12:09 - 2016-01-16 12:09 - 0000039 _____ () C:\Users\xxxx\AppData\Roaming\TheHunterSettings_live.cfg 2016-06-21 20:30 - 2016-06-21 20:30 - 0002317 _____ () C:\Users\xxxx\AppData\Local\recently-used.xbel 2009-12-31 23:01 - 2009-12-31 23:01 - 0000000 _____ () C:\Users\xxxx\AppData\Local\{070BB505-96C0-446A-8101-DDEA41211024} 2009-12-31 23:02 - 2009-12-31 23:02 - 0000000 _____ () C:\Users\xxxx\AppData\Local\{3209B9EF-717D-4E32-A30A-8AB4165CDCC0} 2016-06-23 17:50 - 2016-06-23 17:50 - 0000000 _____ () C:\Users\xxxx\AppData\Local\{4DDDBAF9-2610-469A-845A-D35B16652B6A} 2016-04-01 13:55 - 2016-04-01 13:55 - 0000000 _____ () C:\Users\xxxx\AppData\Local\{57AEF946-B552-437A-8A94-2C6B9DF86DB3} 2016-06-23 17:48 - 2016-06-23 17:49 - 0000000 _____ () C:\Users\xxxx\AppData\Local\{5B224A51-8939-4B4A-9E59-C8AA0B4685F9} 2009-12-31 18:12 - 2009-12-31 18:13 - 0000000 _____ () C:\Users\xxxx\AppData\Local\{6CF6BEE4-AFC4-40B0-861B-B9FD77AA9E3E} 2016-07-26 06:49 - 2016-07-26 06:49 - 0000000 _____ () C:\Users\xxxx\AppData\Local\{CEB91CEE-9E02-419B-B327-7DE7D6E2A41D} 2016-05-23 11:34 - 2016-05-23 11:34 - 0000000 _____ () C:\Users\xxxx\AppData\Local\{D8FF9A5F-E3AE-4C2B-915D-2BBBAC6CE8C5} 2015-11-20 11:11 - 2016-01-08 08:09 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Niektóre pliki w TEMP: ==================== C:\Users\xxxx\AppData\Local\Temp\0037241479989065mcinst.exe C:\Users\xxxx\AppData\Local\Temp\ALLRemote.exe C:\Users\xxxx\AppData\Local\Temp\jre-8u111-windows-au.exe C:\Users\xxxx\AppData\Local\Temp\Napisy24.exe C:\Users\xxxx\AppData\Local\Temp\NVI2_29.DLL C:\Users\xxxx\AppData\Local\Temp\nvStInst.exe C:\Users\xxxx\AppData\Local\Temp\temp~.DLL C:\Users\xxxx\AppData\Local\Temp\temp~.EXE ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-11-24 00:43 ==================== Koniec FRST.txt ============================